Need To Validate Login From Different MySQL Database

Discussion forum about Anuko Time Tracker

Need To Validate Login From Different MySQL Database

Postby thunderft » Mon May 08, 2017 5:22 am

Hello:

I've installed the latest Time Tracker and all is functioning as designed.
I see in the install instructions that users can be made to login from either the Time Tracker Database or from an LDAP server.

I have a different need when it comes to users logging in.

Currently my company has a "Staff Area" on our website, and Time Tracker is installed in a sub-directory of that Staff Area.
Currently we have a small, very generic, MySQL database that contains each employees login credentials.
As I created each employee in Time Tracker, I used the same login username and password that each employee has in our staff area database.

So, currently, users first have to login to the staff area, then click the Time Tracker link, then login a second time to Time Tracker.

As one would expect, several employees (and a few bosses) want it so that users only have to login to the Staff Area, and once logged in, those credentials automatically cause the employee to be logged into Time Tracker without having to login a second time.

I specifically used the same usernames so they would carry over well from both databases.

I did see in the MySQL database that we are using different field names for the password field though. In Time Tracker the password field name is called "password". In our employee database the password field variable is called "pwd". I do see both databases use the same "login" field name.

So.... How can I get Time Tracker to use our own existing employee MySQL database to validate users at login.

Currently Time Tracker is installed on a linux platform.

Also as a side note, any page we have have inside the employee staff area starts with this PHP code.
-----------------------------------

<?php
session_start();
include_once 'dbconnect.php';

if(!isset($_SESSION['user']))
{
header("Location: index.php");
}
$res=mysql_query("SELECT * FROM tblUsers WHERE id=".$_SESSION['user']);
$userRow=mysql_fetch_array($res);
?>

-----------------------------------

This is to prevent someone from direct linking to a page in the staff area without logging in first.
If the session is not set, it throws the user back to the employee login screen.

Any help is appreciated in advance, and thank you for an awesome Time Tracking platform.

Regards,
TF
thunderft
 
Posts: 1
Joined: Sun May 07, 2017 2:41 pm
Location: Grass Valley, Ca. USA

Re: Need To Validate Login From Different MySQL Database

Postby wrc » Fri Jul 07, 2017 10:50 pm

I would try to set these 3 values in session in the code part that does common login:

Code: Select all
  // setAuth - stores authorization data in session.
  function setAuth($userid, $username) {
    $_SESSION['authenticated'] = true;
    $_SESSION['authenticated_user_id'] = $userid; // NOTE: using "user_id" instead of "authenticated_user_id" gets us in trouble
                                                  // with older PHP when register_globals = On. What happens is that any time we set
                                                  // $user_id variable in script, $_SESSION['user_id'] is also changed automatically.
    $_SESSION['login'] = $username;
  }

Hope it helps.
wrc
 
Posts: 204
Joined: Tue May 25, 2010 8:30 pm


Return to Time Tracker

Who is online

Users browsing this forum: No registered users and 0 guests

cron