any comments ? Edmund -- http://www.edmund-mergl.de fon: +49 700 edemergl
Edmund, I have idea for AuthenDBI.pm. I have not tried to code it yet, however. The function would come in two parts: A) Provide an option to keep a count of the number of times a user logs in. Store this value in DBI field. (Other field may also be considered, see below.) B) Provide a directive to perform a comparison on any and all fields of the user who successfully logged in. If the comparison is true, provide a URL to REDIRECT the user. The directives could be something like: Auth_DBI_logcount usecount Where usecount is the DBI field name to record the number of times a user has logged in. Auth_DBI_compare {regexp} URL Where regexp is the compare string and where URL is where to REDIRECT the user. I think that the original URL should be passed as a URL ? argument, so that the REDIRECT cgi target could determine the original request's URL. The regexp would have to be able to easily use any arbitrary field values. Perhaps simply by pre-appending the field name with a '$', for example: Auth_DBI_compare {$username='xyz' && $usecount%2} /cgi/newDBIpasswd.pl This would run the "/cgi/newDBIpasswd.pl?original-URL" script every other time for user 'xyz'. Other additional informational fields that may be considered are: Auth_DBI_time fieldname to keep track of when the user last logged in. Auth_DBI_reject fieldname to keep track of the number of bad log in attempts. What do you think? What did you think of my AuthzDBI.pm, "set field environment variable" hack, that sent you yesterday?