login checker for the blog

[gastoncs]

Hello I have the Life Type blog on my server, the thing is that I have on all my pages on my server an include() file that checks to see if the user is login or not if not they send them back to the login page, I want to put that include on the blog so only the people that have login can have access but I don’t know were to put it.

I hope I am being clear

Thanks

[jondaley]

Look at the code for the comment form, and see where it uses $authuser or something like that to display the user's name automatically, rather than the normal form box. And then just put that bit around your whole file, in main.template and postandcomments.template. (and albums and search, etc. if you want it everywhere). If it were me, I'd probably just put in a link to the login box, but if you turn off the php/template security, you might be able to put a header() php function that redirects automatically, I am not sure if smarty allows that or not (or are the headers finished by that point).

[gastoncs]

thanks jon!
let me try this

[gastoncs]

Hi Jon
We have a corporate website that requires users to log in, the blog system
is part of that site, what we want to do is in order to have access to the
blog the user has to login first into the corporate site. We are having
difficulty making sure that in order to see the blogs you are logged into
our corporate site. When the user logs in to our corporate site, we
register a couple of session variables that are checked in our permissions
script and if those session variables don't exist the user is denied access.
But the session is terminated and when I add session_start() to the
index.php page, the page crashes so we cannot pass the session variable and
can't use our permissions script. Any ideas?

Thanks for your help

[jondaley]

What do you mean when you say "the session is terminated", and "page crashes"?

In order for you to share variables across pages, you have to have the same session_name($string) for both pages. There is a default value if you aren't calling that function in your code like "PHP_SESSION" or something. You should either change LT's code to use the same session_name as whatever you are using, or change your code to use the name LT is using. LT will calculate it based on the hostname. class/net/session/sessionmanager.class.php if I am remembering correctly.

[musashi]

Hi,
I'm facing a similar issue. I have a company site that people log into. We create a session variable ($userid) when the log in. Each page in the site makes sure that $userid exists and isn't null. I want the entire blog system (both admin and the blogs themselves) to include a check for that the user has logged in to our company site first. I'm now assuming that the easiest way to do this is to use the sessionmanager.class.php class to set a session variable within LT that matches $userid and then each page checks that the variable exists. Is that accurate?

For example, if a user clicks on a link within our company site to the blogs, the link passes the $userid to the index.php page, where we register a new session variable with the sessionmanager.class.php...I guess it seems to me that there must be a simpler way, but what is happening now is that all the session data from our corporate site is lost when the user clicks the link to the blogs, so $userid no longer exists....

Thanks for any guidance on this!

[jondaley]

musashi, did you read my last post? What are you using in your session_name() call in your corporate site?

[musashi]

I believe we're just using the generic php session. basically, at the top of each page we enter session_start() and register session variables with something like session_register('userid') on the login page then something like $userid="musashi" upon successful login. It's an older system we're using, all procedural code, etc....does that answer your question?

[jondaley]

Yes, because you can't share variables across sessions if you aren't using the same value for session name, that is how it is designed. You need to either switch your code or switch LT's code to both use the same session name.

[gastoncs]

Thanks jon that help me!!

[eric9066]

Hello,

First time poster. Just installed lifetype on my site and I'm running into an issue that I hope can be resolved. Lifetype has its log in system and my website has its log in system. We're having problem merging the two. In other words, when members log in our site, I would like them to also log into the lifetype and when they log out of one, log out of the other. I think this will create a seamless transition between my site and Lifetype.

Does this forum post still hold true given its age?

[jondaley]

The advice given should still be fine, but I suspect that you are asking a different question than the original poster.

You probably want to look the "user data providers", found in /config/userdata.properties.php and /class/dao/userdata/*, and probably write your own userdataprovider to check your already existing database. That shouldn't be that difficult, and then, you are integrating into lifetype the way we expect, and you shouldn't have to modify any core code, which makes upgrading easier.

[eric9066]

Hi Jon

The advice given should still be fine, but I suspect that you are asking a different question than the original poster.

You probably want to look the "user data providers", found in /config/userdata.properties.php and /class/dao/userdata/*, and probably write your own userdataprovider to check your already existing database. That shouldn't be that difficult, and then, you are integrating into lifetype the way we expect, and you shouldn't have to modify any core code, which makes upgrading easier.

After accessing the admin panel - I noticed this:

session_save_path
Please use this setting to change the folder where LifeType stores its session data, via the PHP function session_save_path() Please make sure that the folder is writable by the web server. Leave empty to use PHP's default session folder. [Default = (empty)]

Wouldn't having the session data stored in the same location as my site's session data help as well?

regards

[jondaley]

true, if you have customized the session data folder in your other software, you will need to also customize lifetype to use that directory too. I just use the defaults, so I didn't think about that setting.