mgd_auth_midgard
Authenticates a user.
int mgd_auth_midgard (string username, string password, [boolean sendcookie])`
- Minimum version: Midgard 1.2.5 (Mad King)
- Third optional parameter since: Midgard 1.4 (Bifrost)
- Third optional parameter ignored since Midgard 1.7.
Returns person's id when authentication was successful. 0 is returned otherwise.
Since Midgard 1.7, the global $_MIDGARD is internally updated after this function was called. If you use older Midgard versions, you must refresh Midgard's internal authentication cache after mgd_auth_midgard() by calling mgd_get_midgard().
Logging into Sitegroups
When logging into sitegroups you have to use the login delimiters as described in the sitegroups section.
Sending Cookie with Midgard versions < 1.7
mgd_auth_midgard without sendcookie
If the optional sendcookie parameter has been set to zero (FALSE), Midgard will only authenticate the user for that particular page, and will not send an authentication cookie to the browser.
mgd_auth_midgard with sendcookie
When called with sendcookie, the user will be sent a cookie named MidgardLogin that contains the username and the cleartext password. Be aware of one serious issue with cookies: many client machines are not secured (physically or otherwise) and the cookie files are easily accessible.
You can use this function to offer logins by means of an HTML form instead of the popup window many browsers present when asked for HTTP authentication credentials. The Midgard code will not see the difference between a user logged in by HTTP authentication or the cookie login (although you can examine the MidgardLogin cookie to see if it's been set).