More phplib fun!We're using de …

More phplib fun!

We’re using default_auth on our site and thanks to some help I managed to make phplib play nicely with our template system. That is, until my boss tested it and discovered that if you enter an incorrect username/password the phplib loginform appears. Look around line 174 of for the culprit.
After I was almost finished a long email to the phplib list I figured out what to do. If the user types in an incorrect username/password then log them in as “nobody”!
The fix to do that took all of 5 seconds and is below:

Edit, look for auth_validatelogin(), this is around line 146 of my, and modify those lines to look like the following:

if( $this->db->num_rows() )
        $uid = $this->db->f(“uid”);
        $this->auth[“perm”]  = $this->db->f(“perms”);
        $this->auth[“uname”] = $this->db->f(“username”);
    // Log them in as “nobody”
    $this->auth[“perm”]  = “”;
    $this->auth[“uid”] = “nobody”;
    $uid = “nobody”;

When you try and login now with incorrect details the loginform will be printed again within the confines of your site templates and nobody will be the wiser as to the grief this caused you!

Leave a Reply

%d bloggers like this:

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.