I ALWAYS use this set of scripts because they don't have to integrate into your pages. 
 They are a front end check that you just add one line to the top of all your pages 
you want to secure.  The check runs and if they have clearance, THEN your page 
displays.  Very easy to use and customize. you can download them at:
http://www.phpsecurepages.f2s.com/ 

Angie

>>> Jan de Koster <[EMAIL PROTECTED]> 06/22/01 08:35AM >>>

////////////////////////// USED FOR AUTHENTICATION ////////////////////////

 function authenticate_user(){
 Header("WWW-Authenticate: Basic realm=\"[EMAIL PROTECTED]\"");
 Header("HTTP/1.0 401 Unauthorized");
 echo "You are not authorized to enter this section of the site!\n";
 exit;
 }

 if(!isset($PHP_AUTH_USER)) {
 authenticate_user();
 } else {

 $db = mysql_connect("localhost","...","");
 mysql_select_db("...",$db);
 $sql = "SELECT * FROM ... WHERE User='$PHP_AUTH_USER' &&
password='$PHP_AUTH_PW'";
 $r = mysql_query($sql);
 if(@mysql_num_rows($r) < 1){
 authenticate_user();
 }
 }

////////////////////////// USED FOR AUTHENTICATION ////////////////////////

Not sure if this is what you ar looking for, but it works just fine for me. I
picked it off php.net somewhere where there's a very interesting discussion on
the topic. I think I was searching on "authentication".

My pleasure
jan

"Rubanowicz, Lisa" wrote:

> Hi All,
> I have an Admin section for my site (where users fill in web forms and it
> changes the site and upload facility for images) and would like a script
> that does a User Logon page.  Password is enough.  I have created a TABLE in
> my mySQL database called bw_password with two fields id and password.
> Does anyone have a handy script.  I tried but to no avail, I was trying to
> send the header to redirect if the password in the input box matches the
> database password but it kept saying that the header was already sent..  I
> tried Javascript aswell, doing a location.href = "URL" within the "if"
> statement.
> If anyone can send me one they have and I can try and modify it then or at
> least understand it.  I am a beginner so please be nice!!
> Thanks in advance
> Lisa
>
>
> Lisa Rubanowicz
> Case ITC,
> Navan, Ireland
> Tel: #353 (0)46 77663
>
> [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
>
>


-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED] 
For additional commands, e-mail: [EMAIL PROTECTED] 
To contact the list administrators, e-mail: [EMAIL PROTECTED] 



--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to