Il mar, 2002-08-27 alle 14:53, Bingo Ale ha scritto: > However, I have a bunch of pages that need to login > using my own PHP authentication and then they carry a > session ID that basically allows the user to be logged > in.
This is a kind of 'application authentication'. As far as I know, at the actual state ht://Dig does not support this, unless you have the chance to use some tricks. However you should know how identification and authorization are performed, and which CGI variables are involved. As far as the SID propagation, there shouldn't be any problem if you compiled PHP with '--enable-trans-sid' either when using the 3.1.x branch or the 3.2.x (which supports cookies). > How should I dig such pages and force a login? For instance, if there is a login page and the uname and passwd fields are directly managed from the QUERY STRING, you could give a try to set the start_url to: [URL of the login script]?uname=your_username&passwd=your_passwd and see what happens. However takes this as just an example. It may not work indeed. I hope it could give you anyway a sort of test from which to start. Keep me posted -Gabriele -- Gabriele Bartolini - Web Programmer Comune di Prato - Prato - Tuscany - Italy [EMAIL PROTECTED] | http://www.comune.prato.it > find bin/laden -name osama -exec rm {} ;
signature.asc
Description: PGP signature
