More about bypassing login

[DCox]

Hi! I'm just about finished setting up the calendar on my site. Other than editing the theme (a copied version, of course) all I have left is to integrate the calendar with my members mysql database so they only have to login once. I found the following post from the past but need a little more information. I need to use variables to determine the name and password in the url.

Previous suggestion....
You can by-pass the EPCal authentication by passing a set user name and password to the script. Look at the Details page and the Setup Manager and Event Manager links to see an example.

The name and passwords would be passed like this:

/setup/index.php?name=demo&pwdX=demo

/events/index.php?name=demo&pwd=demo

*Replace demo with a user name and password that has been entered in the Setup Manager.

My preference would certainly be to have the calendar refer to my database for permissions rather than the flatfile. If that is not possible, how can I make my link pull the name and password from my current user's record? My table is "members". Password is "member_password". Name is "Login_Name". I know how to do a lookup for these fields but not how to incorporate them into the URL.

Thanks!!!

[ve9gra]

What I would suggest you do is create your own login page... When the users want to administer the calendar it looks at if they're already logged into your site, if everything is correct, then you redirect them to the calendar with the username/password passed in the URL (just like the previous suggestion). The calendar needs to use the flatfile for authentication, so that's why you just pass a generic account to it throught the URL.

Here's the gist of the page in pseudo code

Code:

if user not logged in
  send to login page

if he does not have access to calendar
  send him away
else
  send him to /events/index.php?name=demo&pwd=demo