|
|
Posted by kevin bailey on 08/12/07 16:05
I have used the PEAR Auth package to successfully set up authentication.
<code>
// Details of where the authentication details are stored.
$options = array(
'dsn' => "pgsql://graphicomm2:pw@localhost/graphicomm2",
'table' => "v_active_users",
'usernamecol' => "f_email",
'passwordcol' => "f_password",
);
$a = new Auth("MDB2", $options, "loginFunction");
$a->setSessionname("GCERP");
$a->start();
</code>
However, this does not seem to change the session name in the browser when I
check the cookies.
But -but - but - it does work in the sense that I can log in to two
different php applications from different tabs on the same browser and the
authentication is separate. I.e. if I am logged into one app it does not
mean that I am allowed to access the second app.
The problem I have is that $_SESSION variables seem to be cross
application!?! I.e. if I use a $_SESSION variable it can be accessed from
either application.
Now I know I can uniquely name the $_SESSION variables which will probably
be the interim solution but I would have thought that there would be a way
of limiting $_SESSION variables to that particular session as set by the
setSessionname.
Any thoughts - thanks,
Kevin
Navigation:
[Reply to this message]
|