I'll post you a simple HTTP auth script. but you should realize something about
header()
client -> server
server -> client
the client sends some HTTP request to the server, then the server sends some HTTP
response to the client. php is strictly server side, you have full control over the
HTTP headers sent to the user, but not from the user to the server. ie. method='post'
that is sending client data to the server, you will have no control over this at all...
php_auth.php
<?
include_once('session.egn');
include_once('database.egn');
function bad_passwd()
{
echo "You have entered an invalid password.<br>\n";
exit();
}
if ( isset($PHP_AUTH_USER) AND isset($PHP_AUTH_PW) AND $peop_r =
fetch_db_value('people_manager', "WHERE username = '$PHP_AUTH_USER' AND password =
'$PHP_AUTH_PW' ") )
$SessionID = $peop_r['peopleID'];
else
{
Header("WWW-Authenticate: Basic realm='$SERVER_NAME' ");
Header("HTTP/1.0 401 Unauthorized");
bad_passwd();
}
?>
--
Chris Lee
[EMAIL PROTECTED]
"Patrick Dunford" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
Can someone explain "header" to me?
Does it mean you can send HTTP headers with any script if you are loading
another document?
There are two possibilities that interest me:
1. Sending username and password for authorisation in a protected area. This
of course is done by browsers when they get a 401 and ask the user for their
username and password in a dialog box. I would like to ask them for the data
in a form then send it to the page in question.
2. Passing in variables to a script without specifying them as part of the
URL. Like a form that uses POST to submit variables to a script without them
being displayed in the URL when the page loads.
--
=======================================================================
Patrick Dunford, Christchurch, NZ - http://pdunford.godzone.net.nz/
If only for this life we have hope in Christ, we are to be
pitied more than all men.
-- 1 Corinthians 15:19
http://www.heartlight.org/cgi-shl/todaysverse.cgi?day=20010411
=======================================================================
Created by Mail2Sig - http://pdunford.godzone.net.nz/software/mail2sig/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
