conceptual php question 1

[esromneb]

I'm developing a gallery script in php, and i have the following question. My gallery will eventually have multi-user capability, so people can save their fav images and such, as well as having a gallery admin. I am trying to design this gallery to be as easy to intigrate as possible. My question is this: how should I handle user authentication. Because I want this to be as intrigratable as possible, this provides a big problem.
1) I could include my own user authentication system, but then if the person who downloaded the script wanted to use their own user-auth system, things wouldn't happen.
2) Maybe I could make some sort of module thingy? And provide the user with a seperate file that's easy to mold to any user-auth system?

Any ideas? All thoughts / help are greatly appreciated.

 

[DRJ478]

A modular approach is good. Just have an authentication module that provides a session variable flag to indicate authentication.
That will leave it open to the user to apply any kind of authentication scheme.

 

[sleipnir214]

I recommend adding authentication to your scripts and making them modular.

One way to do modularity is to place your authentication code into identically-named classes or functions that are stored in differently-named files, then include the appropriate file and call the code by the common function or class name.

For example, you write two modules, one to authenticate against data in a flat file, another to authenticate against MySQL.

The file named "auth_mysql.php" will provide functionality to authenticate against MySQL and something like:

<?php
function authenticate ($name, $password)
{
   mysql_connect(....);
   mysql_select_db(...);

   //other MySQL-specific code

   //return a TRUE or a FALSE
}
?>

The file named "auth_flat_file.php" will provide functionality to authenticate against a flat file and look something like:

<?php
function authenticate ($name, $password)
{
   //open the file
   //scan through the file

   //other flat-file-specific code

  //return a TRUE or a FALSE
}
?>

Then have all the scripts in your app include a common configuration file, which will set constants:

<?
define ('AUTHENTICATION_SOURCE', 'auth_mysql');
?>

Then each script in your app will include the appropriate authentication-defining file using the constant:

<?
include ('/common/configuration/script.php');

include ('/path/to/authentication/functions/' . AUTHENTICATION_SOURCE . '.php');
?>

Since each include authentication file provides a function named "authentication" that take the same inputs and return the same values, every script in your app can invoke the function by the common function name.

I've used a simple example of functions, but you can do the same thing with classes and provide additional modular functionality to manage user authentication, too.

Want the best answers? Ask the best questions!

TANSTAAFL!!

 

[esromneb]

Thanks Sleipnir for your wonderful post. So I think I'm going to go with the modular approach. You said something about identical class names. I'm writing the gallery as a class, so how would I do that? I thought that class definitions had to be all inside one file, with no includes inside the {} that contain the class. Please explane
-ben

 

[sleipnir214]

I don't know what your gallery class is supposed to do. I was just talking about authentication.

Here's a simple example:

file: test_class_foo.php

<?php
class math_class
{
	function do_math($a, $b)
	{
		print $a . ' - ' . $b . ' = ' . ($a - $b);
	}
}
?>

file: test_class_bar.php

<?php
class math_class
{
	function do_math($a, $b)
	{
		print $a . ' + ' . $b . ' = ' . ($a + $b);
	}
}
?>

file: test_configure.php

<?php
//define ('FILENAME', 'test_class_foo.php');
define ('FILENAME', 'test_class_bar.php');
?>

file: test_instantiate.php

<?php
include ('test_configure.php');
include (FILENAME);

$a = new math_class();

$a->do_math(5, 2);
?>

test_instantiate.php is the entry point. The first thing it does is include test_configure.php.

test_configure.php does one thing -- it defines the constant "FILENAME". Control returns to test_instantiate.php

test_instantiate.php then includes one of two class files. Both class files define classes, and the two classes have the same name and provide a method with the same name. But that method does different things, depending on which class file that function is in.

test_instantiate.php then instantiates a class named main_class.php. The interpreter doesn't care which of the two class files was included -- just so long as one was.

test_instantiate.php then invokes the method "math", which is defined to have two inputs. When the method "math" is invoked, its behavior depends on which class file was included.

But the code in test_instantiate.php doesn't care which file was included, so long as a class named "main_class" is available to be instantiated and so long as that class makes available a method named "math". But to change the behavior of the script, all you have to do is change one line in test_configure.php.


Want the best answers? Ask the best questions!

TANSTAAFL!!

 

[esromneb]

very cool, thanks for the example. Although I must say, sleipnir214, you spend way to much time answering my stupid questions. I want a little and you give me way more. I feel bad for making you spend the time. But hey man, thanks a mill!
-ben

 

[BB101]

You could include url passbacks, so the user can put the form for authentication on their site and you header("location") then back to whatever extra variable you choose.
e.g:

<?
<form method=post action='

http://www.mygallery.com/login.php'>

User: <input type=text name=user>
Pass: <input type=password name=pass>
<input type=hidden name='callback' value='

http://www.mypage.com/loggedin.php'>

</form>
?>

then on your server:

validate input
authenticate against server
header("location: ".$_POST['callback']);

Just an idea

--BB

 

[apatterno]

TANSTAAFL!!

What does it mean?

 

[skiflyer]

There aint no such thing as a free lunch... sorry given my alma matter I feel I have to answer that question.