0

Good day:

Need some assistance with an idea which seem to be complicated as I think of it and can't seem to figure out an appropriate implementation.

I'm working on a hosted service app which requires a php logging system to identify the user and their respective account. On this first login --if successful, a welcome information (user account info etc...) is displayed; also displayed, is the login page of actual application, in an iframe, within this welcome page.

Why use the iframe, you would ask? I want to display the second login feature on the welcome page of the first login system. On this page, the client is able to see and edit their account information or simply login into the application. On login (the second login system), the application is loaded in a new browser as a full screen.

My current challenge is whether I’m able to carry "$session" information of both login systems –the first one called “main_session.php” and second called “session.php”, within this new browser containing the app?

Note: Once in the application, the second login session works fine within the application, authenticating all pages within. Now I want to make sure that the session information from the first login system is functional with the application. So that the url of the application pages cannot be accessed without first having gone through the first login system.

I do trust that this is making some sense.

I appreciate any suggestions.

Best,
Mossa

1
Contributor
1
Reply
4
Views
6 Years
Discussion Span
Last Post by mbarandao
0

Good day:

Need some assistance with an idea which seem to be complicated as I think of it and can't seem to figure out an appropriate implementation.

I'm working on a hosted service app which requires a php logging system to identify the user and their respective account. On this first login --if successful, a welcome information (user account info etc...) is displayed; also displayed, is the login page of actual application, in an iframe, within this welcome page.

Why use the iframe, you would ask? I want to display the second login feature on the welcome page of the first login system. On this page, the client is able to see and edit their account information or simply login into the application. On login (the second login system), the application is loaded in a new browser as a full screen.

My current challenge is whether I’m able to carry "$session" information of both login systems –the first one called “main_session.php” and second called “session.php”, within this new browser containing the app?

Note: Once in the application, the second login session works fine within the application, authenticating all pages within. Now I want to make sure that the session information from the first login system is functional with the application. So that the url of the application pages cannot be accessed without first having gone through the first login system.

I do trust that this is making some sense.

I appreciate any suggestions.

Best,
Mossa

I have succeeded in achieving the task. Here is what I did:

I created two authorization files, each associated with each login interface and named them respectively, auth.php and auth_2.php:

auth_2.php (hosted service login interface):

<?php
	//Start session
	session_start();
	
	//Check whether the session variable SESS_MEMBER_ID is present or not
	if(!isset($_SESSION['userid']) || (trim($_SESSION['userid']) == '')) {
		header("location: /main.php");
		
echo'
<SCRIPT LANGUAGE="javascript"> 
<!--
if (blank.location != location) blank.location.href = location.href; 
//---> </SCRIPT>
';
exit();
}
  ?>

auth.php (application login interface):

<?php
	//Start session
	session_start();
	
	//Check whether the session variable SESS_MEMBER_ID is present or not
	if(!isset($_SESSION['SESS_MEMBER_ID']) || (trim($_SESSION['SESS_MEMBER_ID']) == '')) {
//$_SESSION['username'] =  $_POST['username']; 
		header("location: access-denied.php");
		exit();
	}
?>

On each file, I included:

include('auth.php');
include('../include/auth_2.php');

With this, my task appears to be achieved!

Thanks all,
Mossa

Edited by mbarandao: n/a

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.