i use this script with apache/php/mysql



<?

mysql_connect("$server", "$user", "$pass");
mysql_select_db("$database");

$auth = false;
if (isset($PHP_AUTH_USER) && isset($PHP_AUTH_PW)) {
        $sql = "SELECT Password FROM users WHERE UserID = '$PHP_AUTH_USER'";
        $result = mysql_query($sql);
        while ($row = mysql_fetch_array($result)) {
                $password = $row[Password];
        }
        $salt = substr( $password , 0 , 2 );
        $enc_pw = crypt( $PHP_AUTH_PW, $salt );

        if ($password == "$enc_pw") {
                $auth = true;
        }
}

if (!$auth) {
        header( 'WWW-Authenticate: Basic realm="Login to phpHelpDesk"' );
        header( 'HTTP/1.0 401 Unauthorized' );
        print 'Authorization Required.';
        exit;
}
?>


then you can always reach the userid with $PHP_AUTH_USER

/Mattias Aka BoNzO
http://bonzo.sineleven.nu

-- Original Message --
From: Cato Larsen <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Send: 01:47 AM
Subject: [PHP-DB] Member authentication with PHP and MySQL

Hi!

I'm trying to authenticate members by using php and MySQL.

This is what I've come to so far:

<?php

$auth = false; // Assume user is not authenticated

if (isset( $email ) && isset($password)) {

    // Connect to MySQL

    mysql_connect( 'localhost', 'Xephiroth', 'lordoftherings' )
        or die ( 'Unable to connect to server.' );

    // Select database on MySQL server

    mysql_select_db( 'members' )
        or die ( 'Unable to select database.' );

    // Formulate the query

    $sql = "SELECT * FROM memberinfo WHERE
            email = '$email' AND
            password = '$password'";

    // Execute the query and put results in $result

    $result = mysql_query( $sql )
        or die ( 'Unable to execute query.' );

    // Get number of rows in $result.

    $num = mysql_numrows( $result );

    if ( $num != 0 ) {

        // A matching row was found - the user is authenticated.

        $auth = true;

    }

}

if ( ! $auth ) {

    header( 'WWW-Authenticate: Basic realm="Members only"' );
    header( 'HTTP/1.0 401 Unauthorized' );
    echo 'Authorization Required to enter the member area';
    exit;

} else {

echo '

-SITE CONTENT-


'; } ?>


How do I make the authentication to go to site:
members.php?charnick=$charnick

Where $charnick is brung from the DB line who was authenticated?

So that Peter won't end up at John 's membersite?

Thanks for your time and expertese!

Best regards Cato



-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]








-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to