1
Hello folks,
OK, I'm the 'bad system administrator' whom Sunita was referencing in messages here about plugging in PAM authentication in XOOPS (OK, OK, she never actually wrote that
I've taken over finishing this project because she didn't have the resources to implement the session logging that I asked her to implement (and to reply to another post on the topic, I don't think it can be implemented by tweaking the PAM configuration... yes, it could be clearner to do this by adding the needed code to the pam_auth PHP module, but well, I chose to modify the PHP code at this point).
So I've been hacking into your authentication modules. I've found out that the logoutUser() function might be missing a:
global $xoopsUser;
line so that it can access this object in the code further down:
if (is_object($xoopsUser)) {
...
Seems to me that this test always fails and as a side effect entries are never taken out of the online users table in the DB... or am I misled?
I needed to dig out the current username to build the syslog logout message, so I had to call $xoopsUser->getVar('uname') from within the logoutUser function. It seems that $xoopsUser is always undefined. I'm no object-oriented PHP guru by far, but the 'global' statement made the trick here.
Just for what it's worth.
Greets,
_Alain_
OK, I'm the 'bad system administrator' whom Sunita was referencing in messages here about plugging in PAM authentication in XOOPS (OK, OK, she never actually wrote that
I've taken over finishing this project because she didn't have the resources to implement the session logging that I asked her to implement (and to reply to another post on the topic, I don't think it can be implemented by tweaking the PAM configuration... yes, it could be clearner to do this by adding the needed code to the pam_auth PHP module, but well, I chose to modify the PHP code at this point).
So I've been hacking into your authentication modules. I've found out that the logoutUser() function might be missing a:
global $xoopsUser;
line so that it can access this object in the code further down:
if (is_object($xoopsUser)) {
...
Seems to me that this test always fails and as a side effect entries are never taken out of the online users table in the DB... or am I misled?
I needed to dig out the current username to build the syslog logout message, so I had to call $xoopsUser->getVar('uname') from within the logoutUser function. It seems that $xoopsUser is always undefined. I'm no object-oriented PHP guru by far, but the 'global' statement made the trick here.
Just for what it's worth.
Greets,
_Alain_
