Gossamer Forum
Home : Products : DBMan : Discussions :

Ignoring password input at login/create user menu

Quote Reply
Ignoring password input at login/create user menu
Hi JPD,

Since I wanna simplify the login process but still require the user to input his name ('cuz I wanna log his name to the default.log file), so.. is it possible to ignore password input from the login/create user menu and disregard anything regarding to the password (eg. password existence checking, etc)?

Basically I've already got some ideas how to do it... but since I really don't wanna screw up my program, so I'd like to consult your valuable ideas.. Thanks for your time again. :-)

With Regards,
Aladdin

Quote Reply
Re: Ignoring password input at login/create user menu In reply to
You don't care about one user being able to log in as another user? May I ask what the point is of logging activity when you don't know who is using which username? Or is it just that you want to know when any person accesses the database?

JPD
http://www.jpdeni.com/dbman/
Quote Reply
Re: Ignoring password input at login/create user menu In reply to
Hi JPD, Smile

In Reply To:
You don't care about one user being able to log in as another user? May I ask what the point is of logging activity when you don't know who is using which username? Or is it just that you want to know when any person accesses the database?
Thanks for your reply. opps.. sorrie.. Something that I gotta clarify - the user wouldn't be able to change the username 'cuz I use remote_user() to make it as an unique username. The reason why I developed this since I wanna let the user to confirm his identity (as he pressed "Logon"). Exactly, I just wanna know when any person accesses the database.

Thanks for your time. :-)

Aladdin

Quote Reply
Re: Ignoring password input at login/create user menu In reply to
Okay. Smile

Be sure that you remove the code from

Code:
auth.pl
sub auth_check_password
sub auth_check_permissions
db.cgi
sub admin_display
I guess that's all you'd have to do, since you won't be having the users sign up online.

Basically, what you need to do is look for every place where the .pass file is opened. Search for $auth_pw_file in each of the files. It's important that you look for lines like

($name, $pw, $view, $add, $del, $mod, $admin) = split (/:/, $permission);

and you remove the variable for the password -- in this case $pw,.


JPD
http://www.jpdeni.com/dbman/