-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
While this isn't a really a PHP problem, I figured I can't be the first
person to ever have tried to solve this problem. Basically I have a web
site with many kinds of content (static html, PHP, cgi's of various
flavors, etc) and I'm looking to create a way to do user authentication
and authorization against a DB for all this content. While there are
various existing solutions to do this (like mod_auth_db), none of them
seemed to fit my requirements:
1) Support *my* MySQL database schema
2) Light memory usage (ie, no modperl)
3) Support any kind of content (cgi, php, static html, etc)
4) Not require changes to existing content (ie, I don't want to do a
require "security.php"; in all the php pages I want to secure).
The closest I've come so far is using mod_layout to allow my custom PHP
script to generate HTTP headers so that I can do the user authentication
myself. This is actually working very well for most pages and is
completely content agnostic since it's sourced via the Apache server, not
the content.
The problem with this is that mod_layout's LayoutHTTPHeader option seems
to be eating any POST's that CGI's or PHP scripts use. The mod_layout
list has been completely useless in trying to find the answer to this
issue.
So, does anyone have another viable solution to this problem? Are there
any builtin PHP options to source a php script during the http header
generation process for any content (not just other PHP scripts)? Are
there any other modules other than mod_layout that can do this? I know I
can do this with mod_perl, but it's a lot more memory intensive than PHP
so I'd like to avoid it if possible.
Thanks.
- --
Aaron Turner <[EMAIL PROTECTED]|synfin.net|linuxkb.org> URI:www.synfin.net
They that can give up essential liberty to obtain a little temporary safety
deserve neither liberty nor safety. -- Benjamin Franklin
pub 1024D/F86EDAE6 Sig: 3167 CCD6 6081 0FFC B749 9A8F 8707 9817 F86E DAE6
All emails by me are PGP signed; a lack of a signature indicates a forgery.
I have retired my PGP 2.6.2 key: FBE1 CEED 57E4 AB80 596E 60BF 451B 20E8
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: Public key at: http://www.synfin.net/aturner/pgpkey.asc
iEYEARECAAYFAjp2CJUACgkQhweYF/hu2ubc2gCfWeJTNlVgKrv/CrOyHoqRzbaI
XLkAn2LuiTg0lkYIyAdutAqXRyPnT8i4
=ytFC
-----END PGP SIGNATURE-----
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
