One more thing...

When I've set up the script and run it on my local server I get this error:

"Sheridan Saint-Michel" <[EMAIL PROTECTED]> wrote in message
00df01c12400$ad2a1220$[EMAIL PROTECTED]">news:00df01c12400$ad2a1220$[EMAIL PROTECTED]...
> I would use either cookies or sessions for this.
> First Check for the cookie, and verify its contents.
> If there isn't a cookie then do the login prompt like you
> are doing now.
>
> Here's some pseudocode to give you a quick idea of what I mean
>
> if (isset($cookie)
> {
>   if (CheckCookie())
>   {
>     SiteContent();
>   }  else {
>     Kill Cookie
>     GiveLoginPrompt();
>   }
> } elseif (isset($login) {
>   if (CheckLogin())
>     SetCookie();
> } else {
>   GiveLoginPrompt
> }
>
> On all the other pages on the site you just have a header check the
> cookie and redirect to the login page if it doesn't check out
> ie:
>
> if (!isset($cookie))
> {
>   header("Location: http://www.yourdomain.com/login.php";);
>   exit;
> }
>
> if (!CheckCookie())
> {
>   header("Location: http://www.yourdomain.com/login.php";);
>   exit;
> }
>
> If you want to use sessions just replace cookie with session  =P
>
> Here is an example script I wrote a while back if you want to
> see more than metacode
> http://www.zend.com/codex.php?id=393&single=1
>
> And here is the header for other files on the site using the above script
> http://www.zend.com/codex.php?id=397&single=1
>
> Let me know if this helps
>
> Sheridan Saint-Michel
> Website Administrator
> FoxJet, an ITW Company
> www.foxjet.com
>
>
> ----- Original Message -----
> From: Cato Larsen <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Sunday, August 12, 2001 6:47 PM
> Subject: [PHP-DB] Member authentication with PHP and MySQL
>
>
> > Hi!
> >
> > I'm trying to authenticate members by using php and MySQL.
> >
> > This is what I've come to so far:
> >
> > <?php
> >
> > $auth = false; // Assume user is not authenticated
> >
> > if (isset( $email ) && isset($password)) {
> >
> >     // Connect to MySQL
> >
> >     mysql_connect( 'localhost', 'Xephiroth', 'lordoftherings' )
> >         or die ( 'Unable to connect to server.' );
> >
> >     // Select database on MySQL server
> >
> >     mysql_select_db( 'members' )
> >         or die ( 'Unable to select database.' );
> >
> >     // Formulate the query
> >
> >     $sql = "SELECT * FROM memberinfo WHERE
> >             email = '$email' AND
> >             password = '$password'";
> >
> >     // Execute the query and put results in $result
> >
> >     $result = mysql_query( $sql )
> >         or die ( 'Unable to execute query.' );
> >
> >     // Get number of rows in $result.
> >
> >     $num = mysql_numrows( $result );
> >
> >     if ( $num != 0 ) {
> >
> >         // A matching row was found - the user is authenticated.
> >
> >         $auth = true;
> >
> >     }
> >
> > }
> >
> > if ( ! $auth ) {
> >
> >     header( 'WWW-Authenticate: Basic realm="Members only"' );
> >     header( 'HTTP/1.0 401 Unauthorized' );
> >     echo 'Authorization Required to enter the member area';
> >     exit;
> >
> > } else {
> >
> > echo '
> >
> > -SITE CONTENT-
> >
> >
> > '; } ?>
> >
> >
> > How do I make the authentication to go to site:
> > members.php?charnick=$charnick
> >
> > Where $charnick is brung from the DB line who was authenticated?
> >
> > So that Peter won't end up at John 's membersite?
> >
> > Thanks for your time and expertese!
> >
> > Best regards Cato
> >
> >
> >
> > --
> > PHP Database Mailing List (http://www.php.net/)
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> > To contact the list administrators, e-mail: [EMAIL PROTECTED]
>



-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to