Page 1 of 1

admin script??

Posted: Sat Sep 20, 2003 9:56 am
by sammy sandbag
Here's my dilema: My website has a blog admin, mailing list admin, forum admin, comic admin, dictionary admin, and gallery admin page. Each one requires me to login to it when I need to access the page. Each one is located in different directories. Is there a script/program out there that would allow me to designate users access to all these different pages with one simple login and one logout. This would really save me a lot of time. Right now I have one page with all the links to all the other admin pages on it, it's the only way I can remember them all. Let me know if I need to clarify my problem some more, and I'm a noob so remember to type slowly :?

Thanks in advance,

Posted: Sat Sep 20, 2003 10:58 am
by DuFF
I am not exactly sure how you are handling your logins right now (cookies, sessions . . .) but what I have done in similar scenarios is to have one login with sessions. Once I login I am redirected to a Admin "home" page. This has all the links to the different pages that an admin can edit. On each of the PHP pages (in your example, blog, mailing list, comics. . .) I have an include() page at the top that checks if my session information is correct. If the session info is correct then the page is displayed, otherwise you can use die() to stop the page from loading.

Try looking around Hotscripts if you need an example.

Posted: Sat Sep 20, 2003 11:50 am
by cybaf
I've made a class using a challenge-respons authentication theme. The requirements are that you have a mysqldatabase where you have the logininformation. It uses a javascript for md5() hashing of the password so there is never a password sent over the network in clear text. send me an e-mail if you want the script.

Posted: Sat Sep 20, 2003 12:11 pm
by McGruff
Are you using cookies? If you're setting a cookie per folder. Try setting a cookie in a higher directory to cover all.

Another idea is to use sessions. Once you've authenticated a user you could pass a value around in $_SESSION. If you make that the user's IP, and check against $_SERVER['REMOTE_ADDR'] at each page load, that gives you some protection against query hijacking.

Posted: Sat Sep 20, 2003 12:21 pm
by sammy sandbag
well, like I said, I'm very new to php and web design, so I'll probably need to be talked through this. But, let me make sure I'm understood here. The problem: I run a site with a buddy of mine, with the potential for more administrators/contributers to come aboard. We have a b2 blog, a glossword dictionary, atp comic script, phpbb, gallery, and mymail mailing list. All of these have their own logon page. Is there a way to consolidate all these logon pages into one. Example, my main home page (index.php) located in the top directory of public_html could have a username and password field, when a user enters their information (assigned by me the admin) he is given access to all the admin pages without having to login to individual programs. This is what I'm looking for, maybe what you are suggesting will work, I'm just not clear on the lingo.
I am not exactly sure how you are handling your logins right now
all the logins are handled by the default login that comes with the installed program (b2, phpbb, etc) A few of my admin pages are in password protected directories (via Cpanel, which is htaccess I believe) These are my ATP comic program and MyMail mail lists.

Thanks once again for helping me out.

Posted: Sat Sep 20, 2003 1:11 pm
by McGruff
OK if you're using several different programs things just got more complicated. Each will have its own authenticaton system. If you're lucky, each of the programs will implement that as a discrete module. That way you can rewrite a suitable (single) replacement for all and slot it in.

I bet they don't though. If not, I guess you'll have to adjust an awful lot of scripts to make them work in this way.

Posted: Sat Sep 20, 2003 1:15 pm
by sammy sandbag
so... any suggestions??

Posted: Sat Sep 20, 2003 2:00 pm
by Albright
I'm actually trying to work on a program I'm calling Phanatix specifically for fan web sites that'll put forums, an art gallery, a blog-like news system, a fan fiction system, and possibly more all into one program. I too was bothered by having to have so many different programs; not only do I have to log in several times to use each program, but so do my site visitors. Having membership for each service handled by one program has some nifty advantages.

But I'm pretty new to PHP (but not to programming in general) myself, and I'm hard pressed finding free time to code any time other than the weekends, so it'll probably be a long time before it's finished -- if ever.

Posted: Sat Sep 20, 2003 3:15 pm
by sammy sandbag
well at least I know there are others looking for similar solutions. I just figured there would be some sorta pre-packaged php solution to this dilema. I guess I'll have to start looking at the source of all the login pages of these various programs and see if I can figure something out.