This forum is no longer open and is for reading/searching only.

Please use our new MachForm Community Forum instead.

MachForm Community Forums » MachForm 2

Integration with existing authentication

Started 16 years ago by isaacvetter | 6 posts |


  1. isaacvetter
    Member

    Hi;

    MachForm seems to be almost exactly what I'm looking for. The crucial feature that I need is some method to integrate into an authentication system.

    I want a visitor to log in with a username and password and then be directed to the form and have the visitor's username/id associated with his/her form submission.

    I understand that I can modify code upon purchase. Do you have any other suggestions for doing this?

    Much Thanks,

    Isaac

    Posted 16 years ago #

  2. yuniar

    Is that your only requirement? To pass username/id into the form from other system?

    If so, yes this is possible with some modification. The easiest way would be using session. If you could set a session variable from your auth system, machform can access it and include it into your form submission.

    MachForm Founder

    Posted 16 years ago #

  3. isaacvetter
    Member

    Hi yuniar;

    I'm digging through your code to figure out the cleanest way to securely insert a user's unique id into a form submission.

    I can't help but think that if you had a master form element type class and then extended it for specific form elements (phone, address, captcha, email, etc) it would be a lot easier to add new types, even per customer.

    This would make submission validation a lot easier, too.

    Isaac

    Posted 16 years ago #

  4. isaacvetter
    Member

    Also, because form submission occurs to an inline link that doesn't specify a full url, that can break some web single sign on systems, like the one I'm trying to use: http://www.jasig.org/cas

    Having the form action point to PHP_SELF would fix this.

    Isaac

    Posted 16 years ago #

  5. isaacvetter
    Member

    Okay, I've got my employer's web SSO system working with MachForms.

    I just required an "external" php class from within the config.php file (because it seems to be included everywhere) and then added code to replace the values of private/Admin-only fields that were named very specifically, with the logged in user's unique ID (essentially username).

    Specifically, I added code at line #148 in includes/post-functions.php, in the process_form() function.

    This is a reasonable modification, right?

    Now, I'd like to remove the admin authentication completely and deal with it as the webserver/.htaccess level, have support for multiple admin users, provide the ability for a user to update their form submission and have a better method for pulling submitted data out of MachForm (like a REST API!!).

    My long-term concern is supporting modified code, which will stop me from applying updates. Yuniar, if I do any of the above, especially the last one, and provide you with diffs, will you consider rolling them back into your product?

    Isaac

    Posted 16 years ago #

  6. yuniar

    Hi Isaac,

    I'm glad you are able to extend MachForm to suit your need. Our goal from the beginning is to write the most simple code as possible, so that both novice programmer and advanced could easily extend it.

    That's why we aren't using any framework (personally I would love to use solid framework such as CodeIgniter) for our code base, in case you are wondering.

    Your modification seems to be fine. However, I'm afraid I can't promise you anything regarding rolling your code into our current code.

    MachForm Founder

    Posted 16 years ago #

RSS feed for this topic

Reply