The problem with trying to write php security/login scripts from scratch is that inevitably you miss the latest exploit and end up with something that appears secure, but is actually about as good as a wet paper bag.
Simplest option is as Berend suggests. The 'partial content' page is public, the 'full content' page is protected by apache. Alternatively, you could try an OpenID class: http://www.phpclasses.org/browse/package/3290.html#download There are heaps of classes at PHPClasses under 'user management'. There must be something that meets your needs: http://phpclasses.sitehost.co.nz/browse/class/21.html On Apr 14, 12:54 am, Berend de Boer <[email protected]> wrote: > >>>>> "Jmumby" == Jmumby <[email protected]> writes: > > Jmumby> Not one for re-inventing the wheel but I can't seem to find > Jmumby> a class that looks after user management quite the way I > Jmumby> want. I want to have a basic page that shows some content > Jmumby> then when a user log's in it shows extended content. Most of > Jmumby> the classes I have found have an all or nothing > Jmumby> approach. i.e you can see the page or you can't. Anyone have > Jmumby> any suggestions, or am I going to have to start from > Jmumby> scratch? > > Even in Drupal this would be custom code (except if it were a block) > > In situations like this I usually opt for a link to the protected > content as that is cheaper for the client and usually good enough. > > Or .htaccess if it's an all or nothing. Peudo-code: > > RewriteCond %{REMOTE_USER} !="" > RewriteRule (.*) $1/protected [last] > > Code might not be correct, but hopefully you get the drift: if user is > logged in via HTTP authentication, redirect to the protected page. > > -- > Cheers, > > Berend de Boer --~--~---------~--~----~------------~-------~--~----~ NZ PHP Users Group: http://groups.google.com/group/nzphpug To post, send email to [email protected] To unsubscribe, send email to [email protected] -~----------~----~----~----~------~----~------~--~---
