Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived Libraries & Helpers Redux Authentication 1.4a (24th July 2008)
Redux Authentication 1.4a (24th July 2008)
  • El Forum
    Guest
  •  
#111
05-27-2008, 11:01 AM

[eluser]alekz[/eluser]
Hi, again I'm been using your lib for my shopping cart project, and i was thinking that a good enhancement would be to add a remember me feature to avoid login every time the users visit the site...

Thanks in advance...
  • El Forum
    Guest
  •  
#112
05-27-2008, 11:18 AM

[eluser]gunter[/eluser]
[quote author="alekz" date="1211925704"]remember me......[/quote]

arenĀ“t you logged in until the session expires??
  • El Forum
    Guest
  •  
#113
05-28-2008, 07:11 AM

[eluser]Popcorn[/eluser]
MCrittenden : I'm glad you are finding it easy to use.

alekz : As gunter said, you are logged in until the session expires. If you want the session to expire when the browser closes, look at this patch : http://ellislab.com/forums/viewthread/70036/
  • El Forum
    Guest
  •  
#114
06-01-2008, 09:11 AM

[eluser]visionit[/eluser]
Is it just me or is the "sessions" table permanently blank?

Logged in or out, the table is always empty and there are no variables defined for it in the configs either.

Any ideas?
  • El Forum
    Guest
  •  
#115
06-01-2008, 09:31 AM

[eluser]Tom Glover[/eluser]
Sessions table is controlled by CI sessions lib, which is configured in the main config file.
  • El Forum
    Guest
  •  
#116
06-01-2008, 09:40 AM

[eluser]visionit[/eluser]
Hi Research Assistant

The stange thing is... I've enabled sessions, defined the table name and enabled "use database" but it wasn't writing to the table.

I've just opened phpmyadmin and it's working?!?! :confused:

Thanks for the prompt reply.
  • El Forum
    Guest
  •  
#117
06-01-2008, 09:46 AM

[eluser]Tom Glover[/eluser]
Hey, Welcome to the forums, my name is actually Tom Glover or WackyWebs.net, and Research Assistant is my title. At the moment you are a Summer Student but after 30 -50 posts that will change to Grad Student.
  • El Forum
    Guest
  •  
#118
06-03-2008, 04:33 AM

[eluser]Sceneshift[/eluser]
I love Redux auth, I'm using it for an upcoming project but I have one concern.

At the moment, if a page is supposed to be secure, I am calling a custom function which checks if the session data is set and then query the database it check if the ID matches up with the users ID... if it all matches up, the user is authenticated.

I can't help but feel there should be more to it than that, is it possible that a hacker could somehow manipulate the session ID?
  • El Forum
    Guest
  •  
#119
06-03-2008, 05:19 AM

[eluser]visionit[/eluser]
As far as I'm aware, you don't need to check the session yourself... just use

if(!$this->redux_auth->logged_in()) {
// NOT LOGGED IN
} else {
// LOGGED IN
}

You could combine it with get_group to give certain users access to a page/function

if(($this->redux_auth->logged_in()) && (get_group($this->session->userdata('id')) == "admin"))
// LOGGED IN AS ADMIN
} else {
// NOT LOGGED IN AT ALL / NOT AN ADMIN
}
  • El Forum
    Guest
  •  
#120
06-03-2008, 05:22 AM

[eluser]visionit[/eluser]
Calling "get_group" when the user isn't logged in returns bool false... but I've adapted the library to return "guest" / 0, which makes life easier when managing group numbers in the database.




Theme © iAndrew 2016 - Forum software by © MyBB