Table of Contents
The general idea is to use GenieGate_Api_Login as
an object factory for fetching user objects. These user objects
in turn are used for fetching properties, login information, etc.
![[Tip]](img/tip.gif) |
Tip |
|---|---|
|
Obtaining a login object is extremely easy, just include If you just want to login from a php document, try this
<?php require("/home/MyUserName/geniegate/login.php"); ?>
The above 1 line can be used any place you wish to force a login. (this is also documented in the user manual, but included here as well) |
Example 2.1. Using the API to login, show users name
This example logs in and shows the users name.
<?php
require_once("/home/UserName/geniegate/conf.php");
$genie = genieGate(); // obtain the GenieGate_Api_Login object.
$user = $genie->login(); // login.
echo "Hello " . $user->getName();
?>
Example 2.2. Showing an alternate page to members.
This example demonstrates the passiveLogin() method, it
changes the page depending on whether the visitor is signed in.
<?php
require_once("/home/UserName/geniegate/conf.php");
$genie = genieGate(); // obtain the GenieGate_Api_Login object.
$user = $genie->passiveLogin(); // Get user, ONLY if they're signed in.
?>
<html>
<head><title></title></head>
<body>
<?php if($user) { ?>
<p>
Hello, glad you could join us!
</p>
<?php }else{ ?>
<p>
You are not signed in. If you were, you would
see an alternate page.
</p>
<?php } ?>
</body>
</html>
Fields are presented here for completeness, and should only be used when there is no method to adjust the setting.
Fields.
Following are the fields of
GenieGate_Api_Login
public Resource $DBH = FALSE;Database handle. (May be FALSE)
public GenieGate_DB $DBA = FALSE;Instance of GenieGate_DB (if given in constructor)
protected string $DBN ;Database name.
public boolean $USE_HTTP_AUTH = TRUE;Set this to FALSE if you do not want the HTTP authentication to be used. (the login dialog box)
When set to FALSE, it will not use HTTP based authentication.
public string $FORM_USERID = GG_USERID;The name of the form variable that is inspected for the user ID.
If this form variable is present, it will be picked up as the user ID during the login phase.
In the event that the form variable GG_USERID happens to interfere
with your web page or application, you can specify an alternate form variable name
to use here.
If this form variable happens to be present, and set to something other than the user ID, it could cause problems.
public string $FORM_PASSWORD = GG_PASSWORD;The name of the form variable that is inspected for the password.
This is the name of the form variable that is inspected for the users password.
If the name interferes with your web page, you may change it here.
protected Object $VIEW = FALSE;
The view to use when presenting a login form.
the proper way to set this is to use setPromptView().
public string $SESSION_VARIABLE = GG_USERACC;Session variable that is used to store the login info.
This is a name of the key to use, defaulting to "GG_USERACC". If you happen to be using a session variable of the same name, you can change this.
Data related to the user is stored in $_SESSION[$SESSION_VARIABLE].
public string $REALM = Restricted;Realm to use for the Login box.
This is shown on the login dialog box in the browser.
public boolean $CHECK_IP = FALSE;Whether or not to verify IP number is the same as the last time a login was attempted.
The advantage to doing this is that it may help prevent session ID hi-jacking.
The disadvantage is it will force users from dynamic IP's to login again, and can cause weird issues with proxy servers and such.
public boolean $DB_PERSISTANT = TRUE;
Whether or not to try and connect with mysql_pconnect() instead of
mysql_connect()
(The pconnect can be more effecient, but introduce other problems)
public boolean $ALLOW_CACHE = FALSE;Whether to cache the user in session.
If set to FALSE, the user will be looked up each time, this has the advantage that user group changes take effect immediately, but has the disadvantage that the user has to be looked up in the database each time.
For performance, set it to TRUE.
public string $SESSION_KEY_NAME = GGSESKEY;Name of cookie for the session key.
The session key is used to help prevent session hi-jacking. It is compared to a session
key stored in the users $_SESSION to determine if a user has hijacked it.
If you happen to be using a cookie with the same name you can change it here.