////////////////////////// USED FOR AUTHENTICATION ////////////////////////

 function authenticate_user(){
 Header("WWW-Authenticate: Basic realm=\"[EMAIL PROTECTED]\"");
 Header("HTTP/1.0 401 Unauthorized");
 echo "You are not authorized to enter this section of the site!\n";
 exit;
 }

 if(!isset($PHP_AUTH_USER)) {
 authenticate_user();
 } else {

 $db = mysql_connect("localhost","...","");
 mysql_select_db("...",$db);
 $sql = "SELECT * FROM ... WHERE User='$PHP_AUTH_USER' &&
password='$PHP_AUTH_PW'";
 $r = mysql_query($sql);
 if(@mysql_num_rows($r) < 1){
 authenticate_user();
 }
 }

////////////////////////// USED FOR AUTHENTICATION ////////////////////////

Not sure if this is what you ar looking for, but it works just fine for me. I
picked it off php.net somewhere where there's a very interesting discussion on
the topic. I think I was searching on "authentication".

My pleasure
jan

"Rubanowicz, Lisa" wrote:

> Hi All,
> I have an Admin section for my site (where users fill in web forms and it
> changes the site and upload facility for images) and would like a script
> that does a User Logon page.  Password is enough.  I have created a TABLE in
> my mySQL database called bw_password with two fields id and password.
> Does anyone have a handy script.  I tried but to no avail, I was trying to
> send the header to redirect if the password in the input box matches the
> database password but it kept saying that the header was already sent..  I
> tried Javascript aswell, doing a location.href = "URL" within the "if"
> statement.
> If anyone can send me one they have and I can try and modify it then or at
> least understand it.  I am a beginner so please be nice!!
> Thanks in advance
> Lisa
>
>
> Lisa Rubanowicz
> Case ITC,
> Navan, Ireland
> Tel: #353 (0)46 77663
>
> [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
>
>


-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to