Hello Tim,
the problem ist that page.inc will call auth->loginform() in every case. _After_ that auth-
>validatelogin() will be called.
What can you do: Use auth_preauth() like that:
---- snip begin ----
function auth_preauth() {
global $username, $password, $sess;
return $this->auth_validatelogin();
}
---- snip end ----
That should work.
Hope this helps,
Peter Kursawe
On 24 Jun 2002 at 14:26, Tim Stebbing wrote:
From: Tim Stebbing <ti...@oc...>
To: php...@li...
Subject: [Phplib-users] alternate auth method
Date sent: Mon, 24 Jun 2002 14:26:39 +1000
> Hello,
>
> Im after some help, I am attempting to authenticate from a windows
> application that launches a browser, users enter their details into
> the application and it opens a browser with username=foo&password=md5hash
> in the URL.
>
> I have extended the auth class as explained in the documentation:
>
> class Example_Auth extends Auth
> {
> var $classname = "Example_auth"; # Object serialization support
>
> var $lifetime = 15;
>
> ## DB_Sql subclass and database table to use
> var $database_class = "DB_Example";
> var $database_table = "auth_user";
>
> ## Some magic value to make our uids harder to guess.
> var $magic = "Abracadabra";
>
> ## Use an own login form
> function auth_loginform() {
> global $sess;
> include("templates/login_error.php");
>
> }
>
> function auth_validatelogin() {
> global $username, $password; ## form variables from loginform.ihtml
>
> $this->auth["uname"]=$username;
> $uid = false;
>
> $query = sprintf(
> "select password,user_id from %s where username = '%s'",
> $this->database_table,$username);
> $this->db->query($query);
>
> while($this->db->next_record()) {
>
> if($password == md5($this->db->f("password")."secret_string"))
> {
> $uid = $this->db->f("user_id");
> $this->auth["perm"] = "admin";//$this->db->f("perms");
> }
> }
>
> return $uid;
> }
> }
>
> This method works, however, when authentication suceeds, the user
> is still redirected to the error page, and if they refresh the
> browser then they get to the actual content. What I want is for
> users to gain access immeadiatly of they authenticate correctly,
> but be redirected to an error page if they fail. the loginform is
> replaced by the application.
>
> Can anyone help/point me in the right direction?
>
> Thanks, Tim
>
> --
> +----------------------------------------------+
> Tim Stebbing,
> ti...@oc..., www.oceanablue.com.au
> Software Development Services.
> +----------------------------------------------+
>
>
> -------------------------------------------------------
> Sponsored by:
> ThinkGeek at http://www.ThinkGeek.com/
> _______________________________________________
> Phplib-users mailing list
> Php...@li...
> https://lists.sourceforge.net/lists/listinfo/phplib-users
|
