Thanks Brian, this looks like what I need!
-----Original Message-----
From: web400-bounces@xxxxxxxxxxxx [mailto:web400-bounces@xxxxxxxxxxxx] On
Behalf Of BMay@xxxxxxxxx
Sent: Wednesday, June 10, 2009 3:43 PM
To: Web Enabling the AS400 / iSeries
Subject: Re: [WEB400] Reusing User ID and Password with Zend i5_Program_Call
Shannon,
One way to handle it is to use sessions.
By issuing the session_start(); function on each of the pages the
$_SESSION superglobal variable is available. You can store your log-in
credentials there.
What happens is:
1. On your log-in page, the start_session() function creates a unique
session id for the user and stores it in a cookie on their browser.
2. On your log-in script, after your user is authenticated, you can keep
the user id and password in the $_SESSION superglobal like so:
$_SESSION['AppUsr'] = $UserId ;
$_SESSION['AppPass'] = $Password;
3. The $_SESSION superglobal variable is stored in a temporary directory
on the server automatically when the script ends. The user name and
password are not stored in the browser, only the session id.
4. On your search script, the start_session() function sees that the
session id cookie already exists and uses the id to retrieve the $_SESSION
variable created in the previous script.
5. You can then use the $_SESSION['AppUsr'] and $_SESSION['AppPass']
variables on any functions that require authentication.
As you advance in PHP, you will find it useful to abstract most of this
into a class to make it reusable, but that is a topic for another day.
HTH,
Brian May
Project Lead
Management Information Systems
Garan, Incorporated
Starkville, Mississippi
Young i Professionals
http://www.youngiprofessionals.com
"Shannon ODonnell" <sodonnell@xxxxxxxxxxxxxxxxxxxxxxxxx>
Sent by: web400-bounces@xxxxxxxxxxxx
06/10/2009 03:03 PM
Please respond to
Web Enabling the AS400 / iSeries <web400@xxxxxxxxxxxx>
To
"'Web Enabling the AS400 / iSeries'" <web400@xxxxxxxxxxxx>
cc
Subject
[WEB400] Reusing User ID and Password with Zend i5_Program_Call
Here's my scenario:
I have the user log in with their i5 user id/password with a PHP script.
I then take the user to a new page, and I have them enter a search string.
I take that search string and I pass it to an RPG program using
i5_Program_Call. Now...as you know, the i5_Program_Call requires the
user
to log in first, that is, the php page needs to establish a connection to
the server before doing a i5_program_call.
But in this case, the user logged in on a previous php page which, since
this is basically all stateless, the iSeries and the PHP server know
nothing
about.
I do not want to force the user to log in again on this page to do their
search, and I don't want to store that user ID and password in the PHP
script either. So how can I accomplish this?
What does the rest of the community do to reuse the id and password with
PHP
like this?
Shannon O'Donnell
midrange.com
