Uh, no. Your problem is obvious: $sql = "SELECT * FROM users WHERE username='$_SERVER["PHP_AUTH_USER"]' and password='$_SERVER["PHP_AUTH_PW"]'";
You have double-quotes inside a double-quoted string. Like I said, don't use quotes around the array index inside a quoted string. So change the above to: $sql = "SELECT * FROM users WHERE username='$_SERVER[PHP_AUTH_USER]' and password='$_SERVER[PHP_AUTH_PW]'"; Constants are not expanded inside a quoted string, so that is the correct way to handle array indices if you want to keep them inside the quoted string. -Rasmus On Sun, 10 Nov 2002, Leif K-Brooks wrote: > Uh, no. That makes it think it's a constant, which generates a notice. > > Rasmus Lerdorf wrote: > > >Don't use quotes around the array index inside a quoted string. > > > >-Rasmus > > > >On 10 Nov 2002, Ray Seals wrote: > > > > > > > >>>The fact that tutorials are outdated & using old code is not a good reason > >>>to stick with it :) > >>> > >>> > >>I agree totally. > >> > >>So I'm trying to use the $_Server variables but I continue to get this > >>error: > >> > >>Parse error: parse error, expecting 'T_STRNG' or 'T_VARIABLE' or > >>'T_NUM_STRING' in <blah, blah, blah> on line 33. > >> > >>Here is the script that is doing this: > >> > >><?php > >> > >> > >> // File Name: auth04.php > >> // Check to see if $PHP_AUTH_USER already contains info > >> > >> if (!isset($_SERVER["PHP_AUTH_USER"])) { > >> > >> // If empty, send header causing dialog box to appear > >> > >> header('WWW-Authenticate: Basic realm="My Private > >>Stuff"'); > >> header('HTTP/1.0 401 Unauthorized'); > >> exit; > >> > >> } else if (isset($_SERVER["PHP_AUTH_USER"])) { > >> > >> // If non-empty, check the database for matches > >> // connect to MySQL > >> > >> mysql_connect("hostname", "username", "password") > >> > >> or die ("Unable to connect to database."); > >> > >> // select database on MySQL server > >> > >> mysql_select_db("dev_i2ii_com") > >> or die ("Unable to select database."); > >> > >> // Formulate the query > >> > >> $sql = "SELECT * > >> FROM users > >> WHERE username='$_SERVER["PHP_AUTH_USER"]' and > >>password='$_SERVER["PHP_AUTH_PW"]'"; > >> > >> > >> > >> // Execute the query and put results in $result > >> > >> $result = mysql_query($sql); > >> > >> // Get number of rows in $result. 0 if invalid, 1 if > >>valid. > >> > >> $num = mysql_numrows($result); > >> > >> if ($num != "0") { > >> echo "<P>You're authorized!</p>"; > >> exit; > >> > >> } else { > >> > >> header('WWW-Authenticate: Basic realm="My > >>Private Stuff"'); > >> header('HTTP/1.0 401 Unauthorized'); > >> echo 'Authorization Required.'; > >> exit; > >> > >> } > >> > >> } > >> > >> > >> > >>?> > >> > >>---------------------- > >>The data base stuff hasn't been put in yet, I'm just trying to get the > >>script to load cleanly before I trouble shoot the database connector > >>side. > >> > >>Ray > >> > >> > >>-- > >>PHP General Mailing List (http://www.php.net/) > >>To unsubscribe, visit: http://www.php.net/unsub.php > >> > >> > >> > > > > > > > > > > -- > The above message is encrypted with double rot13 encoding. Any unauthorized attempt >to decrypt it will be prosecuted to the full extent of the law. > > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php