Hi!
since upgrading htmlarea seems to be more complicated than I originally hoped
(I'll give it a try after we meet the deadline. If we meet the deadline, that
is...), I turned back to authentication once again. What our client wants is
"user-friendly" (i.e. insecure) authentication, so that a user stays logged
in between visits. My current code is this:
if(isset($_POST["logout"])) {
// Log user out and redirect to root page
auth_logout();
header("location: /");
}
elseif(isset($_POST["login"])) {
// Create the authentication session
$result=auth_login($_POST["user"],$_POST["pass"]);
if($result) {
echo $result;
}
else{
// Login was successful, get user information
$user=mgd_get_person($midgard->user);
}
}
else{
// Refresh existing session from user's cookies
$login_error=auth_by_cookies();
if(!$login_error) {
// Session validated, get user information
$user=mgd_get_person($midgard->user);
}
}
error_reporting(E_ALL);
if($user){
// User found, show page content
?>
<[head]>
<[body]>
<?
}
I've browsed the source code a little and I found a function
auth_login_remember() that seems to do what I'm looking for. The problem is
that I don't know how to use it, simply replacing auth_login() with
auth_login_remember() didn't work. If anyone could give me a hint (or a link
to some documentation), that would be great.
Also, I was wondering if there is a way to make the username appear in
apache's log files (while still using NemeinAuthentication), because the
other feature they want is user tracking and simply writing the user name to
access.log and then making some nice statistics with awstats or webalizer
would be the best way I can think of.
Bye, and keep up the great work (especially helping newbies :-)!
Andreas
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
