How to Verify Authentication ($gValidLogin)

[Dushkin]

Hi Fasse, all.

I have created a simple script to check if a user is logged in. Returning the value of
$gValidLogin accordingly.

The use-case is:
1) A user clicks on a link to an Event on the public side of the website.
2) It sends the event parameters to the page holding the admidio iframe
3) The page checks if the user is authenticated (this is currently failing).
4) If authenticated, we replace the iframe src with the Event URL
5) If not authenticated, we redirect to sign in and then redirect again
to the Event after successful sign in.

Below is the PHP script I just wrote for step number three.
It lives here: /var/www/html/prod/admidio/adm_program/system

Code: Alles auswählen

<?php

include('common.php');

$json=array('error');
$_GET['time']=microtime();
$_GET['authenticated']=$gValidLogin;
$json = json_encode($_GET);

header('Content-Type: application/json');
header('HTTP/1.1 200 OK', true, 200);
header("Access-Control-Allow-Origin: *");

exit( $json );

?>

THE PROBLEM: the value of $gValidLogin is always false, even after i successfully log in.

I have read your documentation on session management and it seem that it should work as long as I have
common.php included. I am not sure what else I can be doing?

I am using admidio version: 3.2.14

Thanks for any thoughts in advance.
Peter

[fasse]

Hi Peter,

I have test this behavior with a small test.php file:

Code: Alles auswählen

<?php 
    require_once('adm_program/system/common.php');
    
    if($gValidLogin)
    {
        echo "good";
    }
    else
    {
        echo "bad";
    }
?>

This file is in the main folder of Admidio and I was logged in to admidio. Than I can the test.php and got good as a result. So it works as you expected.

I tested this with verison 3.3.7

Best regards
Fasse

[XimeX]

Is Admidio under another origin?
origin: protokoll + domain + port (https:// + subdomain.example.com + :8080)