[prev in list] [next in list] [prev in thread] [next in thread]
List: phplib-dev
Subject: Re: [PHPLIB-DEV] "nobody" default authentication after login_if()
From: Massimiliano Masserelli <negro () sgabanaz ! interim ! it>
Date: 1999-11-24 10:05:24
[Download RAW message or body]
On Wed, Nov 24, 1999 at 02:15:09AM -0600, Adam N. Thompson, MCNE wrote:
AT> If we call login_if() to allow a "nobody" user to log in, then the
AT> user clicks the "back" button...
AT> They aren't returned to "nobody" status - they are forced to log in.
AT> The call to unauth() inside login_if() causes this, of course, but is
AT> there any way to prevent it?
Yes, but it is a bit tricky. I mean, when the login form is displayed, the
uid is no longer "nobody" or "2097vdskjh0ds09dus" or "", but "auth". This
means that we have presented a form and we should validate the form
input. To exit from this state, you have to set a global, which by default
is $cancel_login (but you may change the name via $auth->$cancel_login) in
all public pages. If you think your users are a bit smarter, provide a
"cancel" button in the loginform.ihtml which calls
$sess->url("a/public/page.php3?cancel_login=1").
Bye.
--
Massimiliano Masserelli | URL: http://www.interim.it/
Internet Images S.r.l. | Tel: +39-051-3390671
vicolo Viazzolo, 3 | Fax: +39-051-557890
40124 - Bologna - Italy |
-------------------------------------------------------------------------------
Uva, s.f.:
Frutta che abbronza.
-- Da it.hobby.umorismo
-
PHPLIB Developers Mailing List. Send messages to <phplib-dev@lists.netuse.de>.
To unsubscribe, send "unsubscribe" to <phplib-dev-request@lists.netuse.de> in
the body, not the subject, of your message.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic