I would use either cookies or sessions for this.
First Check for the cookie, and verify its contents.
If there isn't a cookie then do the login prompt like you
are doing now.
Here's some pseudocode to give you a quick idea of what I mean
if (isset($cookie)
{
if (CheckCookie())
{
SiteContent();
} else {
Kill Cookie
GiveLoginPrompt();
}
} elseif (isset($login) {
if (CheckLogin())
SetCookie();
} else {
GiveLoginPrompt
}
On all the other pages on the site you just have a header check the
cookie and redirect to the login page if it doesn't check out
ie:
if (!isset($cookie))
{
header("Location: http://www.yourdomain.com/login.php");
exit;
}
if (!CheckCookie())
{
header("Location: http://www.yourdomain.com/login.php");
exit;
}
If you want to use sessions just replace cookie with session =P
Here is an example script I wrote a while back if you want to
see more than metacode
http://www.zend.com/codex.php?id=393&single=1
And here is the header for other files on the site using the above script
http://www.zend.com/codex.php?id=397&single=1
Let me know if this helps
Sheridan Saint-Michel
Website Administrator
FoxJet, an ITW Company
www.foxjet.com
----- Original Message -----
From: Cato Larsen <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Sunday, August 12, 2001 6:47 PM
Subject: [PHP-DB] Member authentication with PHP and MySQL
> Hi!
>
> I'm trying to authenticate members by using php and MySQL.
>
> This is what I've come to so far:
>
> <?php
>
> $auth = false; // Assume user is not authenticated
>
> if (isset( $email ) && isset($password)) {
>
> // Connect to MySQL
>
> mysql_connect( 'localhost', 'Xephiroth', 'lordoftherings' )
> or die ( 'Unable to connect to server.' );
>
> // Select database on MySQL server
>
> mysql_select_db( 'members' )
> or die ( 'Unable to select database.' );
>
> // Formulate the query
>
> $sql = "SELECT * FROM memberinfo WHERE
> email = '$email' AND
> password = '$password'";
>
> // Execute the query and put results in $result
>
> $result = mysql_query( $sql )
> or die ( 'Unable to execute query.' );
>
> // Get number of rows in $result.
>
> $num = mysql_numrows( $result );
>
> if ( $num != 0 ) {
>
> // A matching row was found - the user is authenticated.
>
> $auth = true;
>
> }
>
> }
>
> if ( ! $auth ) {
>
> header( 'WWW-Authenticate: Basic realm="Members only"' );
> header( 'HTTP/1.0 401 Unauthorized' );
> echo 'Authorization Required to enter the member area';
> exit;
>
> } else {
>
> echo '
>
> -SITE CONTENT-
>
>
> '; } ?>
>
>
> How do I make the authentication to go to site:
> members.php?charnick=$charnick
>
> Where $charnick is brung from the DB line who was authenticated?
>
> So that Peter won't end up at John 's membersite?
>
> Thanks for your time and expertese!
>
> Best regards Cato
>
>
>
> --
> PHP Database Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]