On Nov 27, 2007, at 3:56 PM, Stut wrote:
Jason Pruim wrote:
On Nov 27, 2007, at 3:48 PM, Stut wrote:
Jason Pruim wrote:
The subject might be a little misleading... But I couldn't think
of how better to describe it in a small sentence :)
What I'm wondering is, I have a program that accesses a database
and displays the info in that database... I know, nothing
revolutionary about it... I plan on setting up a database per
customer who uses my system, and what I would like to do is have
everyone go to the same address to login... Such as:
raoset.com/oldb/ they enter their username/password and get
redirected to their site... Or at least pull up their database...
Now that I'm typing this out, I may have thought of away to do
this...
Set the main page, so that when you login, it accesses a master
database, which has the username, password, and database name
stored in it. Write the database name to a session variable,
which I could then use in my mysql connect file for the
database....
Does that make sense? Thoughts? Problems? RTFM's? :)
Assuming you mean raoset.com is not the domain of their site you
would need to pass the database name to their site some way other
than via a session since the session is tied to the domain name
(no way around that I'm afraid). This clearly makes it a bit
insecure so you might want to rethink how you're doing this.
Maybe they select/enter their domain name on the login form, then
you can use a bit of JS to have the form submit to a script on
their site. This gives the best of both worlds... they all go to
the same URL to log in, but you don't need to pass things like
database names between sites via the browser (which is insecure).
-Stut
The database they are connecting to is on my site. That's what they
would be logging into. I'm trying to avoid something like this:
HTTP://www.raoset.com/oldb/customers/customer1
HTTP://www.raoset.com/oldb/customers/customer2
etc. etc. etc.
What I would like is to have everyone go to: HTTP://www.raoset.com/oldb/login.php
and then be able to pull up there database from their login
credentials.
Does that make it clear as mud?
Yeah, no-brainer - use a session if you're already using a session
on the customer sites.
Personally I'd store a mapping of dirname (customer1, customer2) to
database name (customer1db, customer2db) in files so you don't need
to pass anything from request to request. You just use the directory
being accessed to lookup the DB. But then I consider sessions evil
and something to be avoided wherever possible, you may not share
that opinion.
Okay, I'll start writing code and see when I hit issues :)
Just for my own curiosity, why do you think sessions are evil? I
haven't found a better way to store my variables between different
pages... Other then always posting them in either $_POST or $_GET each
time... But that can add up quite a bit on a complicated site though...
Thanks for looking though!
--
Jason Pruim
Raoset Inc.
Technology Manager
MQC Specialist
3251 132nd ave
Holland, MI, 49424
www.raoset.com
japruim@xxxxxxxxxx
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
