[pmwiki-users] Fwd: any solution to get a full customizable login prompt ?

Patrick R. Michaud pmichaud at pobox.com
Sun Aug 20 09:37:47 CDT 2006


On Sun, Aug 20, 2006 at 09:55:32AM -0400, The Editor wrote:
> Actually this is exactly the problem.  My custom login form
> authenticates and goes straight to the Members Area.  But if someone
> clicks some other password protected page, or tries to edit a page,
> etc., using a redirect will forward them to my form, log them in and
> then send to the members area.  Not where they were originally
> heading.

Let me make sure I understand what you're wanting to do:

When a person logs in (using ?action=login), you want them to be
given a username/password form and then automatically taken to 
the Members Area.

But, if they encounter a password-protected page, or tries to
edit a page, you want them to receive a username/password form
and then be taken to the action they were trying to do that
generated the password.

Is this correct?

If so, then my suggestion is to simply set ?action=login to always
use the Members Area page:

    if ($action == 'login') $pagename = 'Main.MembersArea';

> 1) How does one not only log a user in, but give all permissions
> appropriate to their password.  Using  AuthUserId($pagename,
> $_POST['Member']); does the first but not the second.

It should do the second also -- any password entered is used for
authorization to passwords.  If it's not doing that, I probably
need to see the config.php.

> 2) Can someone explain exactly how Site.AuthForm works in terms of
> remembering the page it is supposed to go to and then going there
> after authentication?  

Site.AuthForm is rarely used as a page on its own -- it acts
more like (:include Site.AuthForm:).  

When a page (let's call it Main.Protected) is requested and the
visitor doesn't currently have authorization to the page, PmWiki
responds with the contents of the $AuthPromptFmt variable.  
By default, $AuthPromptFmt is

    $AuthPromptFmt = array(&$PageStartFmt, 'page:$SiteGroup.AuthForm',
        &$PageEndFmt);

which says to display the beginning of the current skin, the
contents of Site.AuthForm, and the end of the current skin.
Note, however, that as far as PmWiki is concerned the visitor
is still at the Main.Protected page, *not* at Site.AuthForm (see
the url, page title, etc.).  PmWiki simply chose to display
the contents of Site.AuthForm instead of the contents of
Main.Protected.

The (:input auth_form:) markup in Site.AuthForm generates an HTML
"form" tag that looks like:

    <form action='{$REQUEST_URI}' method='post' name='authform'>

The {$REQUEST_URI} comes from the webserver, and is the url
that the visitor used that is requiring the authorization.
So, when the visitor enters a username and/or password, the
browser is sent back to the *same* url that resulted in the
authorization prompt, except that any username and password
entered in the authorization form is sent along as well.

> Is it some variable I could use in my recipe/form to
> set the nextpage?

Sure, the result of the (:input auth_form:) can be changed
by setting a value for $InputTags['auth_form'].  See
scripts/forms.php for the code PmWiki uses to set the default.
(However, if you use the suggestion I gave at the top of this
message, you probably won't need to do this.)

Pm




More information about the pmwiki-users mailing list