By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
458,114 Members | 1,570 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 458,114 IT Pros & Developers. It's quick & easy.

PEAR auth package - how does setSessionname work?

P: n/a
I have used the PEAR Auth package to successfully set up authentication.
<code>
// Details of where the authentication details are stored.
$options = array(
'dsn' ="pgsql://graphicomm2:pw@localhost/graphicomm2",
'table' ="v_active_users",
'usernamecol' ="f_email",
'passwordcol' ="f_password",
);
$a = new Auth("MDB2", $options, "loginFunction");
$a->setSessionname("GCERP");
$a->start();
</code>

However, this does not seem to change the session name in the browser when I
check the cookies.

But -but - but - it does work in the sense that I can log in to two
different php applications from different tabs on the same browser and the
authentication is separate. I.e. if I am logged into one app it does not
mean that I am allowed to access the second app.

The problem I have is that $_SESSION variables seem to be cross
application!?! I.e. if I use a $_SESSION variable it can be accessed from
either application.

Now I know I can uniquely name the $_SESSION variables which will probably
be the interim solution but I would have thought that there would be a way
of limiting $_SESSION variables to that particular session as set by the
setSessionname.

Any thoughts - thanks,

Kevin

Aug 12 '07 #1
Share this Question
Share on Google+
1 Reply


P: n/a
You can use $_SESSION['app1']['x'] = 'y' and $_SESSION['app2']['a'] =
'b'.

This is how Auth does it internally. setSessionName tells the Auth
package to use values in $_SESSION['_auth_sessionName'] where
sessionName is the given name.

On Aug 12, 12:05 pm, kevin bailey <kbai...@freewayprojects.comwrote:
I have used the PEAR Auth package to successfully set up authentication.

<code>
// Details of where the authentication details are stored.
$options = array(
'dsn' ="pgsql://graphicomm2:pw@localhost/graphicomm2",
'table' ="v_active_users",
'usernamecol' ="f_email",
'passwordcol' ="f_password",
);
$a = new Auth("MDB2", $options, "loginFunction");
$a->setSessionname("GCERP");
$a->start();
</code>

However, this does not seem to change the session name in the browser when I
check the cookies.

But -but - but - it does work in the sense that I can log in to two
different php applications from different tabs on the same browser and the
authentication is separate. I.e. if I am logged into one app it does not
mean that I am allowed to access the second app.

The problem I have is that $_SESSION variables seem to be cross
application!?! I.e. if I use a $_SESSION variable it can be accessed from
either application.

Now I know I can uniquely name the $_SESSION variables which will probably
be the interim solution but I would have thought that there would be a way
of limiting $_SESSION variables to that particular session as set by the
setSessionname.

Any thoughts - thanks,

Kevin

Aug 17 '07 #2

This discussion thread is closed

Replies have been disabled for this discussion.