I recently set up a log in page.  I'm doing it a little differently than
you.  First I establish a session and set up two session variables
(sessusername and sesspassword).

I check to see if these variables have been set,
if they have, I then check the username and password with the database to
make sure the username and password are correct.

Might be a little round about way of doing it, but I don't run into any
header errors.

        // Start a session

        //echo session_id() . "<br>\n";
        // register the username and password
        // connect to the database
        {code omitted}




        //verify the username and password
                //echo "Verifying username $sessusernmae<br>\n";
                if(!$verifyres = mysql_query("SELECT * FROM users WHERE
`username`='$sessuser'")) die(mysql_error());
                        $verifydata = mysql_fetch_array($verifyres);
                        if($verifydata[2] != $sesspass)
                                $message = "Incorrect Password";
                        $message="The username '$sessuser' was not found";
        //insert an if statement looking for the username and password
                echo "<p><font face=\"$font\" size=\"3\"><b>Please log
                if($message) echo "<p><font face=\"$font\" size=\"3\"
                echo "<form method=\"post\" action=\"weekly.php\">\n";
                echo "<p><input type=\"text\" name=\"sessuser\"
                echo "<input type=\"password\" name=\"sesspass\"
                echo "<input type=\"submit\" value=\"Log In\"></p>\n";  


Hope this is helpfull

Robbert van Andel 

-----Original Message-----
From: Pushpinder Singh Garcha [mailto:[EMAIL PROTECTED]]
Sent: Monday, November 18, 2002 1:19 PM
Subject: [PHP] Create Login Page 

Hi All

I am trying to create  a login page using php and mysql database.

This is the code that I am trying to use:
        // File Name: auth04.php
        // Check to see if $PHP_AUTH_USER already contains info

        if (!isset($PHP_AUTH_USER)) {
                // If empty, send header causing dialog box to appear
                header('WWW-Authenticate: Basic realm="My Private Stuff"');
                header('HTTP/1.0 401 Unauthorized');

        } else if (isset($PHP_AUTH_USER)) {
                // If non-empty, check the database for matches
                // connect to MySQL

                mysql_connect("localhost", "mysql", "sunny")
                        or die ("Unable to connect to database.");

                // select database on MySQL server

                        or die ("Unable to select database.");

                // Formulate the query

                $sql = "SELECT *
                 FROM guest
                 WHERE login='$PHP_AUTH_USER' and 

                // Execute the query and put results in $result
                $result = mysql_query($sql);

                // Get number of rows in $result. 0 if invalid, 1 if valid.

                $num = mysql_numrows($result);

                if ($num != "0") {
                        echo "<P>You're authorized!</p>";       

                } else {        

                        header('WWW-Authenticate: Basic realm="My Private
                        header('HTTP/1.0 401 Unauthorized');
                        echo 'Authorization Required.';

This is the error that I get when I point my browser to this page both 
when the script is run locally and on th eremte webserver.
btw: I am running Mac OS Jagaur

Warning: Cannot add header information - headers already sent by 
(output started at /Users/pgarcha/Sites/auth.php:7) in 
/Users/pgarcha/Sites/auth.php on line 13

Warning: Cannot add header information - headers already sent by 
(output started at /Users/pgarcha/Sites/auth.php:7) in 
/Users/pgarcha/Sites/auth.php on line 14

Many Thanks

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

 "The information transmitted is intended only for the person or entity to
which it is addressed and may contain confidential and/or privileged
material. Any review, retransmission, dissemination or other use of, or
taking of any action in reliance upon, this information by persons or
entities other than the intended recipient is prohibited. If you received
this in error, please contact the sender and delete the material from all

Reply via email to