[eluser]coolgeek[/eluser]
I'm being forced to login again every time my ISP changes my IP address. Will setting 'login_record_ip' to FALSE in the config file prevent this? If yes, are there any side effects, particularly with regard to security? If not, any other suggestions?
Also, I am sometimes seeing multiple ci_sessions records for the same IP address (same user_id, different session_id). Why does this happen? It's not a different browser, and it's less than the 62 day expiration
thanks
[eluser]Vinzent Zeppelin[/eluser]
If the CAPTCHA image isn't showing up at all, make sure the GD extension is enabled. This happened to me.
One thing: I do need to extend the user class somewhat, in order to add a couple of fields specific to my application. I've added the appropriate columns in the user table; where are the columns handled (i.e. what do I need to patch)?
[eluser]coolgeek[/eluser]
[quote author="coolgeek" date="1252121590"]I'm being forced to login again every time my ISP changes my IP address. Will setting 'login_record_ip' to FALSE in the config file prevent this? If yes, are there any side effects, particularly with regard to security? If not, any other suggestions?
Also, I am sometimes seeing multiple ci_sessions records for the same IP address (same user_id, different session_id). Why does this happen? It's not a different browser, and it's less than the 62 day expiration
thanks[/quote]
Anybody? Gromozeka? Bueller?
[eluser]Vinzent Zeppelin[/eluser]
[quote author="Vinzent Zeppelin" date="1252390136"]If the CAPTCHA image isn't showing up at all, make sure the GD extension is enabled. This happened to me.
One thing: I do need to extend the user class somewhat, in order to add a couple of fields specific to my application. I've added the appropriate columns in the user table; where are the columns handled (i.e. what do I need to patch)?[/quote]
I think I've got this taken care of -- at first I was a bit confused because I was looking at the create_user function in the User model, but turns out I needed to edit the parameters of create_user (lines 157, 174) in the library itself. It seems strange to call the library which calls the model, rather than the other way around. Maybe this could be changed in a future version, to allow for greater extensibility?
[eluser]lcoon[/eluser]
Tank Auth is GREAT!!
I have just one question, Is there a way after login to redirect the user back to the page that directed them to the login screen in the first place?
An example would be.. "User A" is typing away on a form and went away from this desk, allowing his session to expire. After a while "User A" comes back to his computer and hits send on the form. Instead of going to submit the form the program will take him back to the login screen, after logging back in it will redirect "User A" to the main page. It's not really user friendly in that regards. I've looked twice over this form and couldn't find the answer to my question, so please redirect me to a good place to look if this subject is already covered.
[eluser]sszynrae[/eluser]
you could probably do a periodical updater ajax request thing to check if you are logged in, and if that fails just present the login form overlayed or something.
as for the redirect, that can be done easily with javascript. make an input field near your hidden login form (if you use a greyout screen or another hidden login form type approach) and login via an ajax request. onsuccess do something like this: (I use prototype, but you get the gist)
if ( $F('login_link') ) [removed] = $F('login_link');
else [removed] = [removed];
i observe each link that require login initially and onclick stop the event, put the event.element().readAttribute('href') inside the hidden input. the actual login link itself doesnt actually lead anywhere (hence refresh (else part))
edit: removed = wind0w.loc4tion (made it code safe now) : P
[eluser]sszynrae[/eluser]
hm, i have a problem on my own now that i finally moved everything to a live server and got to test the email stuff for the first time. It sends and everything is fine with that, but the html is outputted in code view, i.e. not rendered, which would be fine if I could just turn it off? Does anyone know where do this? my email config file says tankauth needs type=html, and setting to text doesnt do anything.
[eluser]Gromozeka[/eluser]
Check config/email.php file, this is the place where mail type is set (for whole project). There should be line like this:
Code: $config['mailtype'] = 'html';
The full listing of my email.php file is below:
Code: $config['wordwrap'] = TRUE;
$config['wrapchars'] = 80;
$config['mailtype'] = 'html';
$config['charset'] = 'utf-8';
$config['priority'] = 3;
$config['newline'] = '\r\n';
[eluser]sszynrae[/eluser]
ah, i am being retarded.
the config/email.php already had the line $config['email']['mailtype'] = 'html';
so figured i had to keep using the $config['email'] array for tank auth as well, fail.
worked perfectly now with html, thank you : )
[eluser]Refringe[/eluser]
I would highly, highly, highly, highly, highly, highly, highly, highly recommend removing the max_length and alpha-dash validation restrictions on the password fields throughout the example Auth controller that comes with this library. The password_max_length configuration option should be removed as well.
Long passwords with symbols should be recommended, and never disallowed. I know this is just an example controller, but many people will use it and not think twice.
Other then that little hang-up, this is a wonderful library. Thank you for your hard work!
|
