On Mon, 2006-03-20 at 20:24, robert mena wrote: > Hi, > > I am slowly converting my webapps to use the 'ajax' technology. I'd like to > know what 'best practices' should I use when it comes to authenticate, > identify the requests in a more restricted context. > > So far I've migrated some 'open' areas where the user, without having to > identify himself can perform searches. But I need to allow/deny him to do > insert/delete/update actions. > > In the traditional webapp I'd create a login page where the user. password > would be checked against a database and a session variable would be set with > a authenticate code. Further access to restricted pages are allowed/denied > based on the existance of this authenticate code. > > What would be a good alternative in my ajax-enabled webapp? I cant use > session in my php scripts (those called by the XMLHttpRequest.open) right? Sure you can. Cheers, Rob. -- .------------------------------------------------------------. | InterJinn Application Framework - http://www.interjinn.com | :------------------------------------------------------------: | An application and templating framework for PHP. Boasting | | a powerful, scalable system for accessing system services | | such as forms, properties, sessions, and caches. InterJinn | | also provides an extremely flexible architecture for | | creating re-usable components quickly and easily. | `------------------------------------------------------------' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
