Forums / Developer / How to pass login information to an iframe?
Luca Mischiatti
Tuesday 25 November 2008 1:33:17 am
Hi! I have insert an iframe into a template to include a custom php file. This file should by visible only to registered users.Is there a session variable or cookie or similar that can check within my custom file to be sure the user is registered or not?!
Thanks in advancedLuca
Daniel Hoppe
Tuesday 25 November 2008 4:21:54 am
Hi Luca,
function logincheck($redirect = "", $die_message = "no access"){ if ((isset($redirect)) and ($redirect != "")) { if (strpos($redirect, "://")){ } else { if (strlen($redirect) > 0) if (substr($redirect, 0, 1) == "/") $redirect = "http://" . $_SERVER["HTTP_HOST"] . $redirect; else $redirect = "http://" . $_SERVER["HTTP_HOST"] . "/" . $redirect; } } if (isset($_SERVER["HTTP_COOKIE"])) { } else { if ((isset($redirect)) and ($redirect != "")) header('Location: ' . $redirect); else die ($die_message); } $s = substr($_SERVER["HTTP_COOKIE"], strpos($_SERVER["HTTP_COOKIE"], "eZSESSID") + 9, 32); $session = $s; { // db connection $dbhostname = "???"; $dbuser = "??"; $dbpassword = "???"; $dbname = "???"; $link = @mysql_connect($dbhostname, $dbuser, $dbpassword); if (!$link){ die('Could not connect: ' . mysql_error()); } $db_selected = mysql_select_db ($dbname, $link); if (!$db_selected){ die ('Can\'t use foo : ' . mysql_error()); } // ///////// } { // get session $myqstring_a = "SELECT * FROM `ezsession` WHERE `session_key` = '" . $session . "'"; $result_a = mysql_query($myqstring_a); $row_a = mysql_fetch_array($result_a); if ($row_a["user_id"] == "") { if ((isset($redirect)) and ($redirect != "")) header('Location: ' . $redirect); else die ($die_message); } } { // get user $myqstring_b = "SELECT * FROM `ezuser` WHERE `contentobject_id` = " . $row_a["user_id"]; $result_b = mysql_query($myqstring_b); $row_b = mysql_fetch_array($result_b); if (($row_b["email"] == "") or ($row_b["email"] == "[email protected]")) { if ((isset($redirect)) and ($redirect != "")) header('Location: ' . $redirect); else die ($die_message); } } return ($row_b); }
Daniel