Multi-application logins - Apache
Hi
I'm running a Centos-6 server with mySQL and phpbb3
I am trying to create a members only area on the site that
only requires a single login.
I have been able to separate the login procedure of phpbb
and feed it to my own PHP code to login ok but I am not sure
where best to go from here to "lock down" the rest of the site
for members of the forum only.
I have created a "messy" solution that checks on every page
to see if the user is "logged into phpbb" - that is pretty easy
but obviously not a good way to go once the pages and users start
adding up.
I tried using the Apache auth module with "valid-user" in text password
files and .htaccess but that requires logging into apache first and I couldn't intercept the password then to log into the forum at the same time.
I'm going around in circles here a bit and wasting a lot of time testing things
that never seem totally do the job -
What would be the simplest approach - I have php/mysql knowledge but not
much apache internals and I'm ignorant of cookie internals and hashing
(do I need to get into those to do this?)
Can anyone point me in the simplest direction to get this working or suggest
what information I need to read up on.
Obviously I've read the apache docs but the solutions given dont seem to work or help with merging the two processes - I must be missing something I guess
There must be a simple solution I'm sure.
thanks
|