Re: relogin same user?

This WebDNA talk-list message is from

1998


It keeps the original formatting.
numero = 18230
interpreted = N
texte = >>...if the admin does not klick any link or button >>during 20 minutes I assume he left the machine alone and I forbid further >>actions without relogin. >> >>It would be easy if I do the login via a form, but I want to ask for >>[username] sometimes so I prefer to login via browser authentication. But >>there is the common problem: how to make a browser forget the current user?At 14:04 Uhr -1000 12.06.1998, Kenneth Grome wrote: >You might want to skip the [protect] stuff and instead, use showif/hideifs >to determine what to show the admin -- based on the existence of a cart >with the proper username and password values stored in it...At 19:14 Uhr 12.06.1998, bob wrote: >Don't use the protect tag. Use an include tag and That runs the >authenticate routine, using a seperate database, not the users.db include >a field called logtime... I do not use [protect] or the users.db and I have a online.db which holds a unique user-ID, a TimeStamp (which gets updated) and few more fields. On each page sits an include OnlineUpdate which updates or deletes records.Although I leave all control to WebCat, the problem is to force an authentication for a browser which is still accepted by the server. I solved this some time ago with 4D/NetLink - looked through the code but cannot figure out how I had done this, it simply works ;-)Sorry, this mail gets long, but I do not know an other way to explain what I'm actually doing.Here is what I have in WebCat now:--index.whtml-- [search db=admin.db &eqUSERdatarq=[username] &eqPWDdatarq=[password] &UserBlnk=T&PwdBlnk=T] [showif [numfound]=0] [authenticate OKS-Administration] [/showif] [/search][math show=f] currenthit=[math]{[date]}[/math]*100000 +[math]{[time]}[/math][/math][Append online.db]OnlineID=[cart]&TimeStamp=[math]currenthit[/math][/Append][redirect start.whtml?OnlineID=[cart]](I know now that the user is an entitled admin and he is added as a record in online.db with a unique ID and a TimeStamp. The redirect points to a frameset, the entry of the admin area) ---------------Now the user is working, on each page sits an include OnlineUpdate:--OnlineUpdate-- [math show=f] currenthit=[math]{[date]}[/math]*100000 +[math]{[time]}[/math][/math][math show=f]maxdiff=60*20[/math] [math show=f]maxold=currenthit-maxdiff[/math] [delete db=online.db&lsTIMESTAMPdatarq=[math]maxold[/math]][search db=online.db&eqOnlineIDdatarq=[OnlineID]] [showif [numfound]=0] [redirect timeout.whtml] [/showif] [showif [numfound]=1] [replace db=online.db &eqOnlineIDdatarq=[OnlineID]] TimeStamp=[math]currenthit[/math] [/replace] [/showif] [/search](All records in online.db which are older than allowed are deleted. If the record with [OnlineID] is still here afterwards, the TimeStamp gets updated. If not, the redirect points to a timeout-page) ------------------timeout.whtml-- Here is just some text and a link: New Login (I need this because I did not manage to kill the frameset with [redirect]) -------------------newlogin.whtml-- Here is the point I'm getting the problem: New authentication is required, most likely for the same user. I have to wrap [authenticate] into [showif], otherwise it loops. But what for to ask? If I search [username] and [password] in the admin.db (the stored admins) like at the very first login, then authentication is skipped and the user gets immediately logged in again because the server still accepts this browser. I tried [authenticate][redirect...] but that loops either.What code should be on this page to force a new authentication?-------------------Peter__________________________________________ Peter Ostry - po@ostry.com - www.ostry.com Ostry & Partner - Ostry Internet Solutions Auhofstrasse 29 A-1130 Vienna Austria fon ++43-1-8777454 fax ++43-1-8777454-21 Associated Messages, from the most recent to the oldest:

    
  1. Re: relogin same user? (bob 1998)
  2. Re: relogin same user? (Peter Ostry 1998)
  3. Re: relogin same user? (bob 1998)
  4. Re: relogin same user? (Peter Ostry 1998)
  5. Re: relogin same user? (bob 1998)
  6. Re: relogin same user? (Kenneth Grome 1998)
  7. relogin same user? (Peter Ostry 1998)
>>...if the admin does not klick any link or button >>during 20 minutes I assume he left the machine alone and I forbid further >>actions without relogin. >> >>It would be easy if I do the login via a form, but I want to ask for >>[username] sometimes so I prefer to login via browser authentication. But >>there is the common problem: how to make a browser forget the current user?At 14:04 Uhr -1000 12.06.1998, Kenneth Grome wrote: >You might want to skip the [protect] stuff and instead, use showif/hideifs >to determine what to show the admin -- based on the existence of a cart >with the proper username and password values stored in it...At 19:14 Uhr 12.06.1998, bob wrote: >Don't use the protect tag. Use an include tag and That runs the >authenticate routine, using a seperate database, not the users.db include >a field called logtime... I do not use [protect] or the users.db and I have a online.db which holds a unique user-ID, a TimeStamp (which gets updated) and few more fields. On each page sits an include OnlineUpdate which updates or deletes records.Although I leave all control to WebCat, the problem is to force an authentication for a browser which is still accepted by the server. I solved this some time ago with 4D/NetLink - looked through the code but cannot figure out how I had done this, it simply works ;-)Sorry, this mail gets long, but I do not know an other way to explain what I'm actually doing.Here is what I have in WebCat now:--index.whtml-- [search db=admin.db &eqUSERdatarq=[username] &eqPWDdatarq=[password] &UserBlnk=T&PwdBlnk=T] [showif [numfound]=0] [authenticate OKS-Administration] [/showif] [/search][math show=f] currenthit=[math]{[date]}[/math]*100000 +[math]{[time]}[/math][/math][Append online.db]OnlineID=[cart]&TimeStamp=[math]currenthit[/math][/Append][redirect start.whtml?OnlineID=[cart]](I know now that the user is an entitled admin and he is added as a record in online.db with a unique ID and a TimeStamp. The redirect points to a frameset, the entry of the admin area) ---------------Now the user is working, on each page sits an include OnlineUpdate:--OnlineUpdate-- [math show=f] currenthit=[math]{[date]}[/math]*100000 +[math]{[time]}[/math][/math][math show=f]maxdiff=60*20[/math] [math show=f]maxold=currenthit-maxdiff[/math] [delete db=online.db&lsTIMESTAMPdatarq=[math]maxold[/math]][search db=online.db&eqOnlineIDdatarq=[OnlineID]] [showif [numfound]=0] [redirect timeout.whtml] [/showif] [showif [numfound]=1] [replace db=online.db &eqOnlineIDdatarq=[OnlineID]] TimeStamp=[math]currenthit[/math] [/replace] [/showif] [/search](All records in online.db which are older than allowed are deleted. If the record with [OnlineID] is still here afterwards, the TimeStamp gets updated. If not, the redirect points to a timeout-page) ------------------timeout.whtml-- Here is just some text and a link: New Login (I need this because I did not manage to kill the frameset with [redirect]) -------------------newlogin.whtml-- Here is the point I'm getting the problem: New authentication is required, most likely for the same user. I have to wrap [authenticate] into [showif], otherwise it loops. But what for to ask? If I search [username] and [password] in the admin.db (the stored admins) like at the very first login, then authentication is skipped and the user gets immediately logged in again because the server still accepts this browser. I tried [authenticate][redirect...] but that loops either.What code should be on this page to force a new authentication?-------------------Peter__________________________________________ Peter Ostry - po@ostry.com - www.ostry.com Ostry & Partner - Ostry Internet Solutions Auhofstrasse 29 A-1130 Vienna Austria fon ++43-1-8777454 fax ++43-1-8777454-21 Peter Ostry

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

Dates - Search and Sorting (1999) Emailer errors - repost (2000) 4.5 Upgrade (2003) Porting to NT (2001) [WebDNA] Accepting Payments on Site (2013) triggering an update of two frames (1998) WebDNA on Intel Mac? (2006) WC2b15 File Corruption (1997) emailer settings and control questions (1997) [include] error message (was:how to put/keep productcustomization info in basket?) (1998) Further tests with the infamous shipCost (1997) multiple record replace (2001) When to Commitdatabase? (2004) gateway application timeouts (1998) Banner DNA (1997) Crazy dates (was: sorting dates) (1999) Grep issue (2003) Summing fields (1997) [OT] KeepItUp for Windows (2003) FlushDatabase Suggestion (1998)