I wrote a small app that relies heavily on a series of php pages in which mysql data is displayed and formatted, given the user's credentials.
Rather than rolling a whole user management system from scratch, im debating putting these files into modx pages and utilizing its usermanagement features to secure and restrict those pages and the data.
My question is 2 fold, first, how smart is this from a difficulty stand point? Ive done a test creating a snippet and everything shows up ok, but is there an easier way to do this?
Second, how can i take modx's session or login data and pass it to my app so it knows WHO is logged in.
Thanks
I relatively new to modx so I'm not the best person to comment on how smart it is, although I personally have no problem with the methodology.
You can get details of the logged in user using the modx API.
eg
// In the front end, returns an array of the logged in user's attributes.
$userInfo = $modx->db->getRow(
$modx->db->select(
"*",
$modx->db->getFullTableName('web_user_attributes'),
"`internalKey`=".$modx->getLoginUserID()
)
);
Related
I am new to backend coding but I am getting the hang of codeigniter. I have deployed the simple task board application hosted on github and everything is fine. As it stands this application uses sessions to create a single dashboard that can be shared by multiple users. I would like to be able to set this up so that a user could register and start their own dashboard. For simplicity it would be good if this new instance or session (not quite sure if I have the terminology right) could share the same database.
So my question is can someone tell me what I need to research in order to develop this? I dont think I have the right terminology to ask google or manuals for what I need.
I prefer you to use codeigniter session library and for dashboard, you may be stored much data in session, so use "Saving Session Data to a Database"
check this link : http://ellislab.com/codeigniter/user-guide/libraries/sessions.html
I am trying to make a dashboard application, that among others will retrieve information from a xing account and store it in our database. Right now, we the default oauth implementation, if the user is not logged in, it asks for his permission, and then returns back to the webpage that all the information is shown.
We need to automate the login process, so that every day for example, our php script will run and copy our xing contacts in the database. But we need that happening without manually loging in to Xing.
I have read/tried a lot of the curl/php scripts for logging in a website, but none of them actually worked for xing.
Can someone please provide me with the php script that would just login to xing.com?
Thanks a lot for your time...
Xing seem to have an API. That would be the vastly superior way to fetch data from them.
Scraping the web site is prone to breaking, and probably against their Terms and Conditions, too.
There's one news-portal and its huge (site A). During production backwards, it has been even powered with some sort of a social networking stuff - not yet started, but about to start (soon site B).
Packed together looks great, but in some future there might be a lot of problems with maintaining the database, servers and stuff so I've been asked to separate it as I did. Site A goes on its own domain, site B also - databases are separated.
Now, I need to do the following: when user logs into site B (social site) and arrives to site A (portal) they should be instantly logged in there too (on a site A).
Any ideas how to do this - without duplicating entries to user tables?
EDIT:
Any other ideas instead of auth services? OpenId will just give us one user with 10 accounts, fakes and so on. How about cookie stuff or multi-database queries?
EDIT 2:
Well this is something hot.. unless its not April 1st joke and worth a try:
http://www.shawnhogan.com/2005/12/cross-database-join-with-mysql.html
You can use OpenID.
OpenID is an open standard that describes how users can be authenticated in a decentralized manner, eliminating the need for services to provide their own ad hoc systems and allowing users to consolidate their digital identities.
If you want to share some profile information (e.g. posts or photos) without giving access to your login and password you can use OAuth.
See if my answer here is of any use.
It's pretty simple, and only requires user information to be kept on one side. Where you need some information on the non-database side, you can just pass that information there using values in a query string, alongside the encrypted string.
Can you believe this?
$DB->query("SELECT * FROM table..."); // works of course...
$DB->query("SELECT * FROM another_database.table..."); // WORKS ALSO!
This guy is a miracle:
http://www.shawnhogan.com/2005/12/cross-database-join-with-mysql.html
I don't believe it, so simple at the end!
I'm designing a simple web app for some elderly family members, 1 of whom has Alzheimer's. The end goal is to provide them each with a tablet (probably Android but irrelevant for this problem) that would be stripped down to ideally 1 bookmark on the home screen which opens my web app.
What I am looking for are ideas on how to identify the user without the conventional username/password methods. With their condition I know that remembering an username is going to be almost impossible, let alone a password. Ideally I would recognize the device and relate that to a specific user.
There will be other users on the app that access it through normal methods (username+password on PC/mobile/tablet), which I'm handling with Zend_Auth. It's just these 2 users who I am concerned about identifying.
Security isn't a huge concern as the data will not be sensitive in any way, but I still need to differentiate between users.
I am building this in php with Zend Framework. I'm really looking for more ideas than specific code, although anything based in php or javascript would be great. Any ideas or suggestions would be greatly appreciated. Thanks for your help
These advice are only valuable if security is not an issue :
On the bookmarks page, insert a token in the link, which you will use to authenticate the users.
if you can, check in the background for IP/user agent (if there is only one device that needs this simplified auth process, and assuming it's connection uses a fixed IP address)
And a simple idea if you have multiple users using the same device :
on your bookmark page, put a picture of each user
make it clickable, with the token discussed above in the href of the link.
That's simple to implement and easy to remember.
Hope that helps !
I'm building a site with Joomla where a forum should exist amongst other things. But also I plan to develop a custom made functionality (diary-like) with a php inserts (it really works, for example with jumi). The problem is that I suppose nobody will understand if the forum and this sub-site will have separated logins. I'd use an existing forum authentication for my code also, but I don't like the idea that the login will look like forum-only login. I see there are bridges exist (like JFusion), but should I choose one particular forum extension if I plan to use a particular bridge extension? And are bridges easy to access with custom-made php code?
If this is for a Joomla 1.5 website, you will want to create a user plugin that will log the user into your custom site as they log into Joomla. Take a look at plugins/user/example.php for an example user plugin. The onLoginUser function will be called just after someone successfully logs into Joomla. At this point, you'll have all of their data in the $user array that's passed into the function. You should be able to use this information to create a bridge into your external PHP application.