Jason Pruim wrote:
On Nov 27, 2007, at 3:48 PM, Stut wrote:
Jason Pruim wrote:
The subject might be a little misleading... But I couldn't think of
how better to describe it in a small sentence :)
What I'm wondering is, I have a program that accesses a database and
displays the info in that database... I know, nothing revolutionary
about it... I plan on setting up a database per customer who uses my
system, and what I would like to do is have everyone go to the same
address to login... Such as:
raoset.com/oldb/ they enter their username/password and get
redirected to their site... Or at least pull up their database...
Now that I'm typing this out, I may have thought of away to do this...
Set the main page, so that when you login, it accesses a master
database, which has the username, password, and database name stored
in it. Write the database name to a session variable, which I could
then use in my mysql connect file for the database....
Does that make sense? Thoughts? Problems? RTFM's? :)
Assuming you mean raoset.com is not the domain of their site you would
need to pass the database name to their site some way other than via a
session since the session is tied to the domain name (no way around
that I'm afraid). This clearly makes it a bit insecure so you might
want to rethink how you're doing this.
Maybe they select/enter their domain name on the login form, then you
can use a bit of JS to have the form submit to a script on their site.
This gives the best of both worlds... they all go to the same URL to
log in, but you don't need to pass things like database names between
sites via the browser (which is insecure).
-Stut
The database they are connecting to is on my site. That's what they
would be logging into. I'm trying to avoid something like this:
HTTP://www.raoset.com/oldb/customers/customer1
HTTP://www.raoset.com/oldb/customers/customer2
etc. etc. etc.
What I would like is to have everyone go to:
HTTP://www.raoset.com/oldb/login.php and then be able to pull up there
database from their login credentials.
Does that make it clear as mud?
Yeah, no-brainer - use a session if you're already using a session on
the customer sites.
Personally I'd store a mapping of dirname (customer1, customer2) to
database name (customer1db, customer2db) in files so you don't need to
pass anything from request to request. You just use the directory being
accessed to lookup the DB. But then I consider sessions evil and
something to be avoided wherever possible, you may not share that opinion.
-Stut
--
http://stut.net/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
