Forum OpenACS Q&A: Re: How to force login for the Site?

Collapse
Posted by Nima Mazloumi on
I want to protect simple php files. We have many departments here at the university where the professor has created interactive learning modules with php. They want to restrict access to the learning module over dotlrn so that only university members can see the pages.
Collapse
Posted by Malte Sussdorff on
I think one way to do it is to make the TCL API visible in PHP e.g. by having a command "nsd_tcl(tcl-command, return-variable)" work there. To do this, you'd have to write something up in C I assume and put it to use in your aolserver installation.

Once this is done (ask Bjoern Kiesbye or at the AOLserver list if this really is feasible and if someone has done it / would be willing to do it), you can add a check to the PHP packes, calling acs's permission::require_permission.

If you want to go down that road, let's talk further, as I think having the capabilities for calling ACS functions from PHP (and vice versa), will help a lot in the rollout of bundled solutions (as some PHP software is considerably better than OpenACS in certain, specific areas). Last but not least it makes it easier to market.

Collapse
Posted by Patrick Giagnocavo on
Nima, Malte,

I think the "best" way is as Malte suggests.  Make PHP a first-class language inside OpenACS as much as possible.

However, the "quick" way is to write a small bit of PHP code that talks to the database and essentially mimics what OpenACS does.

Since the SQL queries are the same, you need only figure out how to code the test for being logged in or not in PHP.  You should be able to use the cookies information sent in the header.

Then, put all this functionality in a single .php file.  Tell your internal users that all they need to do is to include this file in the beginning of their PHP scripts for each script that needs to be protected.

I seem to recall that there is a way in PHP to automatically run a PHP script before running the asked-for script, but I cannot seem to locate the URL.