pp wrote:
> > > > You mean you called mgd_auth_midgard?
> > >
> > > yes
> >
> > And you have confirmed that it succeeded?
>
> well, I can get SG1 topics in SG2 host, so I think yes.
>
But have you confirmed that you are in SG2? Does mgd_errstr eturn an
empty string after calling mgd_auth_midgard?
> > Just to get things clear: you can access SG0, SG1 and SG3 (for
> > example, but not SG2?
>
> exactly
>
So you can indeed access from 3 SGs. Hmm. OK, I'd have to see the
query sent to mysql.
Emile
> hmmm..... let me think, I use mgd_auth_user in code_global
> and on the main page I have acces link to secured pages.
Calling mgd_auth_midgard _only_ affects the current request. If the
user clicks a link, that information is lost unless you used cookies
for authentication.
> If I do not unset user , everybody all over the world can access
> these pages. I use unset and that's way I keep my security.
If you also want to make the midgard core 'forget' about the current
user, use mgd_auth_midgard("", "", 1);
> So You want to say that unset is useless in this case?
> So why it works?
That depends on how you're using your authentication. If your PHP code
checks against the $user variable you mentioned, that could work fine,
but the mgd_... calls will still work like you are logged in as though
you were the person you called mgd_auth_midgard for.
Emile
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
