I am currently trying to get the PEAR Auth package running for my site. I started with attempting to just test the package on a stand-alone basis, without incorporating it into the site proper. I adapted the example provided with the package and ran it on my local XAMPP installation. I have attached the complete code of my test file (index.php).
I am succeeding at calling the login form, logging in, and showing the screen confirming the login. I am testing whether a valid login exists using "if ($a->getAuth())". When I reload the index page after a successful login, however, I am thrown back to the Log in page (thus, getAuth() returning false). Instead, I would expect the script to recognize a valid login and still show the same output as before.
I also noticed that between states, the content of the session file is always the following: "_authsession|a:0:{}". Could anything be going wrong there? What content should the session file have anyway?
I have not been able to track down my mistake(s) so far. Can anyone help?
TIA
codejak
Code: Select all
<?php
session_start();
require_once "Auth.php";
// ini_set('session.use_trans_sid', 1);
// Takes three arguments: last attempted username, the authorization
// status, and the Auth object.
// We won't use them in this simple demonstration -- but you can use them
// to do neat things.
function loginFunction($username = null, $status = null, &$auth = null)
{
/*
* Change the HTML output so that it fits to your
* application.
*/
echo "<form method=\"post\" action=\"".$_SERVER['PHP_SELF']."\">";
echo "<label for=\"username\">User</label>";
echo "<input type=\"text\" name=\"username\">";
echo "<label for=\"password\">Password</label>";
echo "<input type=\"password\" name=\"password\">";
echo "<input type=\"submit\">";
echo "</form>";
}
if ( isset($_GET['logstep']) && $_GET['logstep'] == "login" ) {
$optional = true;
} else {
$optional = false;
}
$options = array(
'dsn' => "mysql://auth:auth@localhost/auth",
);
$a = new Auth("DB", $options, "loginFunction", $optional);
$a->start();
if ( isset($_GET['logstep']) && $_GET['logstep'] == "logout" )
{
$a->logout();
}
if ($a->getAuth())
{
echo "Welcome to the site!";
echo "<p>Session ID: ".session_id()."</p>";
echo "<p><a href=\"".$_SERVER['PHP_SELF']."\">Reload this page</a></p>";
echo "<p><a href=\"".$_SERVER['PHP_SELF']."?logstep=logout\">Log out</a></p>";
} else
{
echo "<p><a href=\"".$_SERVER['PHP_SELF']."?logstep=login\">Log in</a></p>";
echo "<p>Session ID: ".session_id()."</p>";
}
?>
[text]CREATE TABLE `auth` (
`username` varchar(50) NOT NULL DEFAULT '',
`password` varchar(32) NOT NULL DEFAULT '',
PRIMARY KEY (`username`),
KEY `password` (`password`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
INSERT INTO `auth` (`username`, `password`) VALUES
('dude', '13b73edae8443990be1aa8f1a483bc27');[/text]