[pmwiki-users] authuser

Patrick R. Michaud pmichaud at pobox.com
Tue Jun 21 20:45:27 CDT 2005


On Tue, Jun 21, 2005 at 06:21:44PM -0700, H. Fox wrote:
> On 6/21/05, Hans <design at flutesong.fsnet.co.uk> wrote:
> > Is this:
> > 
> >      # ...set passwords and authuser settings...
> >      include_once('scripts/authuser.php');
> >      if ($AuthId) {
> >        $Author = $AuthId;
> >        setcookie('author',$Author,0,'/');
> >      }
> > 
> > equivalent to this (it seems to work similarly well):
> > 
> >     include_once('scripts/authuser.php');
> >     if (@$_SESSION['authid']) $Author=$_SESSION['authid'];
> 
> I believe so.

There's a slight difference, which may not be at all significant.
The first version sets the 'author' cookie on the browser, so
that subsequent requests to the system will continue to have
the author name (grabbed later by scripts/author.php).

The second version gets the author name from the 'authid' in
the session.  However, since @session_start() hasn't been
executed yet, the $_SESSION array may not be populated yet and
$Author won't be set.  Without some sort of cookie on the browser
to be grabbed by scripts/author.php, it won't ever be set, and
this could cause the display of {$Author} markup to change.

Yes, it's convoluted.  It's even probably wrong.  We're still
working out the details of how it ought to work and where these
things need to be set and maintained to preserve the various
desirable options.

Pm



More information about the pmwiki-users mailing list