stupid question...but I'm at a loss .. need clarification for Auth class

119 views
Skip to first unread message

molebhai

unread,
Sep 13, 2011, 10:12:57 PM9/13/11
to simple-php...@googlegroups.com
Okay.. i've tried to rack my leftover brain cells over this.. and I can't seem to figure it out.

1.  we are the knights who has "nid" 
What is the point for the 'nid' field in the user table? 
I see its a unique id md5 hashed string created in the newNid function... but I don't see why. 
I never used a seperate id field other than the numeric id.

2.  cookies 
can someone explain the difference and/or point of the 3 cookies being set.
there is one setACookie method
also there is another generateBCCookies..
why?

3.  extras.
My primary reason for asking these questions is because I'm thinking of adding the facebook/twitter/google login system to the auth class.
I don't want to mess around without really understanding it as it first.
Also.. does anyone already have modified scripts with social sites already integrated?

thanks a lot guys.

molebhai

unread,
Sep 14, 2011, 1:22:30 AM9/14/11
to simple-php...@googlegroups.com
whoops.. "knights who *say* nid"...  now i feel even more stupid..
and I found the answer for the first point in one of the other posts.

still would like some clarity on the cookies though.

Tyler Hall

unread,
Sep 19, 2011, 10:57:02 AM9/19/11
to simple-php...@googlegroups.com
Hi.

The nid value is a random salt that ties a user's login to a
particular global session. It's primary use is to give you the ability
to log out a user's sessions across all browsers/computers without
requiring them to change their password.

A Cookie: contains a unique identifier for the user's session,
regardless of whether or not they're logged in.

C Cookie: contains an obfuscated parameter list of the user's username and nid.

B Cookie: contains an expiration date for the user's login session and
a signature that guarantees the data stored in the C cookie has not
been tampered with.

Tyler

> --
> You received this message because you are subscribed to the Google Groups
> "Simple PHP Framework" group.
> To view this discussion on the web visit
> https://groups.google.com/d/msg/simple-php-framework/-/leWHqFkVYJEJ.
> To post to this group, send email to simple-php...@googlegroups.com.
> To unsubscribe from this group, send email to
> simple-php-frame...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/simple-php-framework?hl=en.
>

molebhai

unread,
Sep 19, 2011, 3:03:58 PM9/19/11
to simple-php...@googlegroups.com
Thanks a lot Tyler, that makes complete sense now.

btw.. are you aware of an existing facebook/twitter/openid etc sign in integration mod to the Auth class?

Tyler Hall

unread,
Sep 19, 2011, 5:18:02 PM9/19/11
to simple-php...@googlegroups.com
I don't know of any existing social auth integrations. I'm sure others
would find it useful if you built one.

Tyler

> --
> You received this message because you are subscribed to the Google Groups
> "Simple PHP Framework" group.
> To view this discussion on the web visit

> https://groups.google.com/d/msg/simple-php-framework/-/3VEp6zG8ocIJ.

Max Fierke

unread,
Sep 19, 2011, 5:28:04 PM9/19/11
to simple-php...@googlegroups.com
Challenge Accepted!
Reply all
Reply to author
Forward
0 new messages