[Typo3-dev] Desired fe-user login behaviour?
Tonni Aagesen
goes.to at dev.null
Wed Oct 12 13:48:32 CEST 2005
Hi list,
I was implementing login for fe-users at a site, when a I came across
this (to my mind) strange behaviour with regards to the lockToDomain
feature. Remember that any user must memeber of at least one group.
[Scenario 1]
--------------------------------------------------------------------
GROUP: uid=1, lockToDomain='domain.tld'
USER: usergroup=1, lockToDomain='www.domain.tld'
After login attempt at www.domain.tld:
-> $GLOBALS['TSFE']->loginUser = 0
-> $GLOBALS['TSFE']->fe_user->user contains the users information
-> An entry in fe_sessions is created
--------------------------------------------------------------------
[Scenario 2 - lockToDomain changed for group]
--------------------------------------------------------------------
GROUP: uid=1, lockToDomain='www.domain.tld' <-- NOTE the difference
USER: usergroup=1, lockToDomain='www.domain.tld'
After login attempt at www.domain.tld:
-> $GLOBALS['TSFE']->loginUser = 1
-> $GLOBALS['TSFE']->fe_user->user contains the users information
-> An entry in fe_sessions is created
--------------------------------------------------------------------
Now, considering these two scenarios above, the questions must be:
If the user is NOT a member of a valid group...
1) Should a fe_session be created?
2) Should the $GLOBALS['TSFE']->fe_user->user not be false?
I know that fe user login should be checked against the
$GLOBALS['TSFE']->loginUser variable, and that it therefore is not thta
big a problem - it just seems illogical :)
--
Regards
Tonni Aagesen
www.pil.dk & www.quickpay.dk
More information about the TYPO3-dev
mailing list