[PHP] PHP Auth
Greetings, What is the best way to create authentication for MySQL info displayed on PHP pages. Thanks, -- Steve Marquez Marquez Design e-mail: [EMAIL PROTECTED] web: http://www.marquez-design.com phone: 479-648-0325
Re: [PHP] PHP Auth
Steve Marquez wrote: Greetings, What is the best way to create authentication for MySQL info displayed on PHP pages. Thanks, Best is relative. How many users do you expect? Thank you, Micah Gersten onShore Networks Internal Developer http://www.onshore.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] PHP Auth
[snip] What is the best way to create authentication for MySQL info displayed on PHP pages. [/snip] I personally like the Magic MySQL Authentication thingie, but I digress. Welcome to the list Steve, it is always nice to see new faces. I fear that your question is just a little too vague though, can you be more specific about what you're trying to do? You'll find a group of very helpful and intelligent folks here who would love to help you, but you have to provide more detail. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Auth
I have a form that I use to authenticate users stored in a MySQL database. I want to be able to ensure that no body will be able to bookmark a page and be able to return to that page without authenticating. But I also want the authenticated user to be able to use all the subsequent pages without having to re-authenticate during that session. Does this make sense? -- Steve Marquez Marquez Design e-mail: [EMAIL PROTECTED] web: http://www.marquez-design.com phone: 479-648-0325 On Oct 30, 2008, at 3:38 PM, Jay Blanchard wrote: [snip] What is the best way to create authentication for MySQL info displayed on PHP pages. [/snip] I personally like the Magic MySQL Authentication thingie, but I digress. Welcome to the list Steve, it is always nice to see new faces. I fear that your question is just a little too vague though, can you be more specific about what you're trying to do? You'll find a group of very helpful and intelligent folks here who would love to help you, but you have to provide more detail.
Re: [PHP] PHP Auth
On Thu, Oct 30, 2008 at 3:38 PM, Jay Blanchard [EMAIL PROTECTED] wrote: Welcome to the list Steve, it is always nice to see new faces. I fear that your question is just a little too vague though, can you be more specific about what you're trying to do? You'll find a group of very helpful and intelligent folks here who would love to help you, but you have to provide more detail. It would also be wise to search Google and the mailing list archives before posting a question like this here, since they've been brought up a million times and you run the risk of being flamed by someone having a bad day just for asking. We now conclude our run-on sentence. -- /Daniel P. Brown http://www.parasane.net/ [EMAIL PROTECTED] || [EMAIL PROTECTED] Ask me about our current hosting/dedicated server deals! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Auth
On Thu, Oct 30, 2008 at 3:41 PM, Steve Marquez [EMAIL PROTECTED] wrote: I have a form that I use to authenticate users stored in a MySQL database. I want to be able to ensure that no body will be able to bookmark a page and be able to return to that page without authenticating. But I also want the authenticated user to be able to use all the subsequent pages without having to re-authenticate during that session. Start by learning about session handling. Here's your launch point: http://php.net/sessions -- /Daniel P. Brown http://www.parasane.net/ [EMAIL PROTECTED] || [EMAIL PROTECTED] Ask me about our current hosting/dedicated server deals! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Auth
On Thu, Oct 30, 2008 at 4:41 PM, Steve Marquez
[EMAIL PROTECTED]wrote:
I have a form that I use to authenticate users stored in a MySQL database.
I want to be able to ensure that no body will be able to bookmark a page and
be able to return to that page without authenticating. But I also want the
authenticated user to be able to use all the subsequent pages without having
to re-authenticate during that session.
Does this make sense?
You'll want to a check to see if their session is active. Are you using the
$_SESSION array? If so, you could do something as simple as a quick if at
the top of each page:
if ( !isset( $_SESSION['blah'] )
{
header( Location: login.php );
}
You should read up on session tracking. That's really what you want. Once
the session is established, its really just a matter of Is it there? and
If not, what do I do?.
--
-Dan Joseph
www.canishosting.com - Plans start @ $1.99/month.
Build a man a fire, and he will be warm for the rest of the day.
Light a man on fire, and will be warm for the rest of his life.
Re: [PHP] PHP Auth
Anton Krall wrote: Guys. Im doing a small php auth system and I was wondering, how can avoid having to do a form to pass the user and pw to the php scripts and just use the popup auth windows on IE and NS? do you remember the names of the vars that get passed thru that popup or how can I invoke it? http://www.zend.com/zend/tut/authentication.php (please don't ask for read reciepts in your emails to the list) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] PHP Auth
Guys. Im doing a small php auth system and I was wondering, how can avoid having to do a form to pass the user and pw to the php scripts and just use the popup auth windows on IE and NS? do you remember the names of the vars that get passed thru that popup or how can I invoke it? Thx! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Auth
* Thus wrote Anton Krall ([EMAIL PROTECTED]): Guys. Im doing a small php auth system and I was wondering, how can avoid having to do a form to pass the user and pw to the php scripts and just use the popup auth windows on IE and NS? do you remember the names of the vars that get passed thru that popup or how can I invoke it? This page should tell you everything you need to know: http://www.php.net/manual/en/features.http-auth.php Curt -- I used to think I was indecisive, but now I'm not so sure. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] PHP Auth
Thx Curt! Intruder Consulting Anton Krall Director General [EMAIL PROTECTED] tel: 5233-9281 mobile: 044-55-1320-8717 IM: [EMAIL PROTECTED] www.intruder.com.mx %-Original Message- %From: Curt Zirzow [mailto:[EMAIL PROTECTED] %Sent: Sábado, 24 de Abril de 2004 02:30 p.m. %To: [EMAIL PROTECTED] %Subject: Re: [PHP] PHP Auth % %* Thus wrote Anton Krall ([EMAIL PROTECTED]): % Guys. % % Im doing a small php auth system and I was wondering, how can avoid % having to do a form to pass the user and pw to the php scripts and % just use the popup auth windows on IE and NS? do you remember the % names of the vars that get passed thru that popup or how can %I invoke it? % %This page should tell you everything you need to know: % http://www.php.net/manual/en/features.http-auth.php % %Curt %-- %I used to think I was indecisive, but now I'm not so sure. % %-- %PHP General Mailing List (http://www.php.net/) To unsubscribe, %visit: http://www.php.net/unsub.php % % -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] php auth instead of .htaccess
Hello, I have gotten used to using .htaccess to protect files/directories, but now I am looking at a need to authenticate against mysql. I have no problem actually getting it to authenticate, but I'm wondering what the simplest way to prevent someone from hitting anything other than the main page (and not needing authenticate) without having to login at every page. I'm assuming I would use something with sessions. Does anyone have a quick sample of how to do this? Any help would be great, I just need a step or two in the right direction. Thanks, Bryan -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php auth instead of .htaccess
Bryan Koschmann - GKT wrote:
Hello,
I have gotten used to using .htaccess to protect files/directories, but
now I am looking at a need to authenticate against mysql. I have no
problem actually getting it to authenticate, but I'm wondering what the
simplest way to prevent someone from hitting anything other than the main
page (and not needing authenticate) without having to login at every page.
I'm assuming I would use something with sessions. Does anyone have a quick
sample of how to do this?
Yes, create a session variable using this syntax:
$_SESSION['logged_in'] = false;
Then authenticate the user. If the authentication succeeds, then change
the variable's value to true.
$_SESSION['logged_in'] = true;
Now on every page except your login page, test for the session variable
before displaying the page. If it's present and valid, display the page
as usual, if not, redirect to the login page.
if (isset($_SESSION['logged_in'])
$_SESSION['logged_in'] == true) {
// display page
}
else {
header(Location: http://domain.com/login;);
exit(Sorry, you are not logged in.);
}
The details are all in the manual under Sessions and Session-related
functions.
Erik
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Auth with Apache
I'm now understanding how you can get PHP to present you with a username and password promt just like APache would do if you had a .htaccess file in the directory you were trying to enter. Great idea but it seems that it would be easier to just use the .htaccess file in the directory. What I've been trying to find out is how to pass through a .htaccess file if someone has already passed an database authentication lookup in PHP. I have an area on my site Special Publications where users login and their username and password is checked against a MySQL database. One field in their user records is the URL to their directory on our server. Each one of these directories is protected via .htaccess. What I would really like to do is have them redirected to their URL if they pass authentication and not have them enter their username and password again. Is their a way to do this? Thanks, Ed On Wed, 13 Nov 2002, Ewout de Boer wrote: in httpd.conf Directory /scriptdir AllowOverride AuthConfig /Directory More info at http://httpd.apache.org/docs/mod/core.html#allowoverride regards, Ewout - Original Message - From: Alexander Bemme [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, November 13, 2002 12:02 PM Subject: [PHP] PHP Auth with Apache Hi, i got a little problem (i hope so) I have installed Apache 1.3.26 and PHP 4.2.3 as module. I used the example from www.php.net to do a PHP authentication, but it didn't work, the pop appears but i can't login. In PHPManual is someting about AuthType but nothing about how to fix it. Can someone help out? Thanks --Alex -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Auth with Apache
Ed, When you do auth with mysql and they succeed then u can set the $_SERVER['PHP_AUTH_USER'] and in theory that should allow you to connect to the directory because that should be set for apache http authentication. You might have to play with it, but i am sure you can get it to work. On Thu, 2002-11-14 at 16:42, [EMAIL PROTECTED] wrote: I'm now understanding how you can get PHP to present you with a username and password promt just like APache would do if you had a .htaccess file in the directory you were trying to enter. Great idea but it seems that it would be easier to just use the .htaccess file in the directory. What I've been trying to find out is how to pass through a .htaccess file if someone has already passed an database authentication lookup in PHP. I have an area on my site Special Publications where users login and their username and password is checked against a MySQL database. One field in their user records is the URL to their directory on our server. Each one of these directories is protected via .htaccess. What I would really like to do is have them redirected to their URL if they pass authentication and not have them enter their username and password again. Is their a way to do this? Thanks, Ed On Wed, 13 Nov 2002, Ewout de Boer wrote: in httpd.conf Directory /scriptdir AllowOverride AuthConfig /Directory More info at http://httpd.apache.org/docs/mod/core.html#allowoverride regards, Ewout - Original Message - From: Alexander Bemme [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, November 13, 2002 12:02 PM Subject: [PHP] PHP Auth with Apache Hi, i got a little problem (i hope so) I have installed Apache 1.3.26 and PHP 4.2.3 as module. I used the example from www.php.net to do a PHP authentication, but it didn't work, the pop appears but i can't login. In PHPManual is someting about AuthType but nothing about how to fix it. Can someone help out? Thanks --Alex -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- .: B i g D o g :. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] PHP Auth with Apache
Y have a problemm Warning: Cannot send session cache limiter - headers already sent (output started at c:\foxserv\www\t-demo1\pedidos\prod_oficina.php:5) in c:\foxserv\www\t-demo1\pedidos\prod_oficina.php on line 6 Ysrael Guzmán Meza -Mensaje original- De: BigDog [mailto:bigdog;venticon.com] Enviado el: Jueves, 14 de Noviembre de 2002 04:51 a.m. Para: [EMAIL PROTECTED] Asunto: Re: [PHP] PHP Auth with Apache Ed, When you do auth with mysql and they succeed then u can set the $_SERVER['PHP_AUTH_USER'] and in theory that should allow you to connect to the directory because that should be set for apache http authentication. You might have to play with it, but i am sure you can get it to work. On Thu, 2002-11-14 at 16:42, [EMAIL PROTECTED] wrote: I'm now understanding how you can get PHP to present you with a username and password promt just like APache would do if you had a .htaccess file in the directory you were trying to enter. Great idea but it seems that it would be easier to just use the .htaccess file in the directory. What I've been trying to find out is how to pass through a .htaccess file if someone has already passed an database authentication lookup in PHP. I have an area on my site Special Publications where users login and their username and password is checked against a MySQL database. One field in their user records is the URL to their directory on our server. Each one of these directories is protected via .htaccess. What I would really like to do is have them redirected to their URL if they pass authentication and not have them enter their username and password again. Is their a way to do this? Thanks, Ed On Wed, 13 Nov 2002, Ewout de Boer wrote: in httpd.conf Directory /scriptdir AllowOverride AuthConfig /Directory More info at http://httpd.apache.org/docs/mod/core.html#allowoverride regards, Ewout - Original Message - From: Alexander Bemme [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, November 13, 2002 12:02 PM Subject: [PHP] PHP Auth with Apache Hi, i got a little problem (i hope so) I have installed Apache 1.3.26 and PHP 4.2.3 as module. I used the example from www.php.net to do a PHP authentication, but it didn't work, the pop appears but i can't login. In PHPManual is someting about AuthType but nothing about how to fix it. Can someone help out? Thanks --Alex -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- .: B i g D o g :. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] PHP Auth with Apache
You have a space or a tag or something before you call session_start, session_start has to be the very first thing, unless you use output buffering (ob_start, etc). On Thu, 2002-11-14 at 11:54, Ysrael Guzmán wrote: Y have a problemm Warning: Cannot send session cache limiter - headers already sent (output started at c:\foxserv\www\t-demo1\pedidos\prod_oficina.php:5) in c:\foxserv\www\t-demo1\pedidos\prod_oficina.php on line 6 Ysrael Guzmán Meza -Mensaje original- De: BigDog [mailto:bigdog;venticon.com] Enviado el: Jueves, 14 de Noviembre de 2002 04:51 a.m. Para: [EMAIL PROTECTED] Asunto: Re: [PHP] PHP Auth with Apache Ed, When you do auth with mysql and they succeed then u can set the $_SERVER['PHP_AUTH_USER'] and in theory that should allow you to connect to the directory because that should be set for apache http authentication. You might have to play with it, but i am sure you can get it to work. On Thu, 2002-11-14 at 16:42, [EMAIL PROTECTED] wrote: I'm now understanding how you can get PHP to present you with a username and password promt just like APache would do if you had a .htaccess file in the directory you were trying to enter. Great idea but it seems that it would be easier to just use the .htaccess file in the directory. What I've been trying to find out is how to pass through a .htaccess file if someone has already passed an database authentication lookup in PHP. I have an area on my site Special Publications where users login and their username and password is checked against a MySQL database. One field in their user records is the URL to their directory on our server. Each one of these directories is protected via .htaccess. What I would really like to do is have them redirected to their URL if they pass authentication and not have them enter their username and password again. Is their a way to do this? Thanks, Ed On Wed, 13 Nov 2002, Ewout de Boer wrote: in httpd.conf Directory /scriptdir AllowOverride AuthConfig /Directory More info at http://httpd.apache.org/docs/mod/core.html#allowoverride regards, Ewout - Original Message - From: Alexander Bemme [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, November 13, 2002 12:02 PM Subject: [PHP] PHP Auth with Apache Hi, i got a little problem (i hope so) I have installed Apache 1.3.26 and PHP 4.2.3 as module. I used the example from www.php.net to do a PHP authentication, but it didn't work, the pop appears but i can't login. In PHPManual is someting about AuthType but nothing about how to fix it. Can someone help out? Thanks --Alex -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- .: B i g D o g :. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- Adam Voigt ([EMAIL PROTECTED]) The Cryptocomm Group My GPG Key: http://64.238.252.49:8080/adam_at_cryptocomm.asc signature.asc Description: This is a digitally signed message part
Re: [PHP] PHP Auth with Apache
PHP sends a '401 Authorization required' to your browser (just like apache)
and it also gets the user/password info
Code example:
?php
if(!isset($PHP_AUTH_USER)) {
Header(WWW-Authenticate: Basic Realm=\Secret Page\);
Header(HTTP/1.0 401 Unauthorized);
echo You did not log in correctly...\n;
exit; # exit wil stop php from parsing the rest of the script
} else {
echo Hello $PHP_AUTH_USER. You entered $PHP_AUTH_PW as your
password;
}
?
In this example no user/passwd checking is done... just replace the
'welcome' message with your mysql/ldap check routine and voila !
regards,
Ewout de Boer
- Original Message -
From: [EMAIL PROTECTED]
To: Ewout de Boer [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Thursday, November 14, 2002 5:42 PM
Subject: Re: [PHP] PHP Auth with Apache
I'm now understanding how you can get PHP to present you with a username
and password promt just like APache would do if you had a .htaccess file
in the directory you were trying to enter. Great idea but it seems that it
would be easier to just use the .htaccess file in the directory.
What I've been trying to find out is how to pass through a .htaccess file
if someone has already passed an database authentication lookup in PHP.
I have an area on my site Special Publications where users login and
their username and password is checked against a MySQL database. One field
in their user records is the URL to their directory on our server. Each
one of these directories is protected via .htaccess. What I would really
like to do is have them redirected to their URL if they pass
authentication and not have them enter their username and password again.
Is their a way to do this?
Thanks,
Ed
On Wed, 13 Nov 2002, Ewout de Boer wrote:
in httpd.conf
Directory /scriptdir
AllowOverride AuthConfig
/Directory
More info at http://httpd.apache.org/docs/mod/core.html#allowoverride
regards,
Ewout
- Original Message -
From: Alexander Bemme [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, November 13, 2002 12:02 PM
Subject: [PHP] PHP Auth with Apache
Hi,
i got a little problem (i hope so)
I have installed Apache 1.3.26 and PHP 4.2.3 as module.
I used the example from www.php.net to do a PHP authentication,
but it didn't work, the pop appears but i can't login.
In PHPManual is someting about AuthType but nothing about how
to fix it.
Can someone help out?
Thanks
--Alex
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Auth with Apache
I can set the $_SERVER['PHP_AUTH_USER'] and $_SERVER['PHP_AUTH_PW'] easily enough but how would you pass that information along with the redirect so apach doesn't prompt you for username and password? I have tried the header(Location http://usernam:password;URL) method and it always prompts as well. Thanks, Ed On 14 Nov 2002, BigDog wrote: Ed, When you do auth with mysql and they succeed then u can set the $_SERVER['PHP_AUTH_USER'] and in theory that should allow you to connect to the directory because that should be set for apache http authentication. You might have to play with it, but i am sure you can get it to work. On Thu, 2002-11-14 at 16:42, [EMAIL PROTECTED] wrote: I'm now understanding how you can get PHP to present you with a username and password promt just like APache would do if you had a .htaccess file in the directory you were trying to enter. Great idea but it seems that it would be easier to just use the .htaccess file in the directory. What I've been trying to find out is how to pass through a .htaccess file if someone has already passed an database authentication lookup in PHP. I have an area on my site Special Publications where users login and their username and password is checked against a MySQL database. One field in their user records is the URL to their directory on our server. Each one of these directories is protected via .htaccess. What I would really like to do is have them redirected to their URL if they pass authentication and not have them enter their username and password again. Is their a way to do this? Thanks, Ed On Wed, 13 Nov 2002, Ewout de Boer wrote: in httpd.conf Directory /scriptdir AllowOverride AuthConfig /Directory More info at http://httpd.apache.org/docs/mod/core.html#allowoverride regards, Ewout - Original Message - From: Alexander Bemme [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, November 13, 2002 12:02 PM Subject: [PHP] PHP Auth with Apache Hi, i got a little problem (i hope so) I have installed Apache 1.3.26 and PHP 4.2.3 as module. I used the example from www.php.net to do a PHP authentication, but it didn't work, the pop appears but i can't login. In PHPManual is someting about AuthType but nothing about how to fix it. Can someone help out? Thanks --Alex -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- .: B i g D o g :. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Auth with Apache
You should use sessions for this...however, i would not store the password in the session... And verify it that way...i would probably use all sessions for this... Check sessions first and see...if not then do the mysql or apache auth... When you do sessions you can save the page they are trying to access, then have them login (authenticate), then redirect to the page that they wanted... If you are unfamiliar about sesssions: 1. php.net 2. phpbeginner.com 3. phpbuilder.com 4. php.net archives 5. google On Thu, 2002-11-14 at 18:09, [EMAIL PROTECTED] wrote: I can set the $_SERVER['PHP_AUTH_USER'] and $_SERVER['PHP_AUTH_PW'] easily enough but how would you pass that information along with the redirect so apach doesn't prompt you for username and password? I have tried the header(Location http://usernam:password;URL) method and it always prompts as well. Thanks, Ed On 14 Nov 2002, BigDog wrote: Ed, When you do auth with mysql and they succeed then u can set the $_SERVER['PHP_AUTH_USER'] and in theory that should allow you to connect to the directory because that should be set for apache http authentication. You might have to play with it, but i am sure you can get it to work. On Thu, 2002-11-14 at 16:42, [EMAIL PROTECTED] wrote: I'm now understanding how you can get PHP to present you with a username and password promt just like APache would do if you had a .htaccess file in the directory you were trying to enter. Great idea but it seems that it would be easier to just use the .htaccess file in the directory. What I've been trying to find out is how to pass through a .htaccess file if someone has already passed an database authentication lookup in PHP. I have an area on my site Special Publications where users login and their username and password is checked against a MySQL database. One field in their user records is the URL to their directory on our server. Each one of these directories is protected via .htaccess. What I would really like to do is have them redirected to their URL if they pass authentication and not have them enter their username and password again. Is their a way to do this? Thanks, Ed On Wed, 13 Nov 2002, Ewout de Boer wrote: in httpd.conf Directory /scriptdir AllowOverride AuthConfig /Directory More info at http://httpd.apache.org/docs/mod/core.html#allowoverride regards, Ewout - Original Message - From: Alexander Bemme [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, November 13, 2002 12:02 PM Subject: [PHP] PHP Auth with Apache Hi, i got a little problem (i hope so) I have installed Apache 1.3.26 and PHP 4.2.3 as module. I used the example from www.php.net to do a PHP authentication, but it didn't work, the pop appears but i can't login. In PHPManual is someting about AuthType but nothing about how to fix it. Can someone help out? Thanks --Alex -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- .: B i g D o g :. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- .: B i g D o g :. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] PHP Auth with Apache
I have a problem, i'm new in PHP It is the problem in my browsegive me the solution please Warning: Cannot send session cache limiter - headers already sent (output started at c:\foxserv\www\t-demo1\pedidos\prod_oficina.php:5) in c:\foxserv\www\t-demo1\pedidos\prod_oficina.php on line 6 HELP MEEE!!1 Sos ygm
RE: [PHP] PHP Auth with Apache
You are sending the header information to the browser before the session stuff begins... make sure that you call session_start(); right after your ?php start tag... On Thu, 2002-11-14 at 21:50, Ysrael Guzmán wrote: I have a problem, i'm new in PHP It is the problem in my browsegive me the solution please Warning: Cannot send session cache limiter - headers already sent (output started at c:\foxserv\www\t-demo1\pedidos\prod_oficina.php:5) in c:\foxserv\www\t-demo1\pedidos\prod_oficina.php on line 6 HELP MEEE!!1 Sos ygm -- .: B i g D o g :. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] PHP Auth with Apache
Hi, i got a little problem (i hope so) I have installed Apache 1.3.26 and PHP 4.2.3 as module. I used the example from www.php.net to do a PHP authentication, but it didn't work, the pop appears but i can't login. In PHPManual is someting about AuthType but nothing about how to fix it. Can someone help out? Thanks --Alex -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Auth with Apache
Did you use $_SERVER['PHP_AUTH_USER'] or just $PHP_AUTH_USER Alexander Bemme wrote: Hi, i got a little problem (i hope so) I have installed Apache 1.3.26 and PHP 4.2.3 as module. I used the example from www.php.net to do a PHP authentication, but it didn't work, the pop appears but i can't login. In PHPManual is someting about AuthType but nothing about how to fix it. Can someone help out? Thanks --Alex -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Auth with Apache
in httpd.conf Directory /scriptdir AllowOverride AuthConfig /Directory More info at http://httpd.apache.org/docs/mod/core.html#allowoverride regards, Ewout - Original Message - From: Alexander Bemme [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, November 13, 2002 12:02 PM Subject: [PHP] PHP Auth with Apache Hi, i got a little problem (i hope so) I have installed Apache 1.3.26 and PHP 4.2.3 as module. I used the example from www.php.net to do a PHP authentication, but it didn't work, the pop appears but i can't login. In PHPManual is someting about AuthType but nothing about how to fix it. Can someone help out? Thanks --Alex -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] PHP Auth problem
Hi all I have a rather strange problem with php auth: i want to authenticate a user through php and validate it through imap_open function (to access his email). I send WWW-Authenticate header like this: header(WWW-Authenticate: Basic Realm=\Private\); After, i check for isset($PHP_AUTH_USER) and validate it through PHP. Can anyone tell me why, for a real user (it really exists), the authentication simply fails and asks me again for a username and password, without even leaving the authenticate intrinsic routine (the script just keeps telling me that the auth is failed, but WITHOUT running imap_open or any other part of the script). Why is that? If anyone has the time and the understanding, i can post the code fragment. Thanks - Alexandru SOFRONIE [EMAIL PROTECTED] - IT Software Dept. Omega-Tehnoton GROUP +40-93-670773 - -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] PHP auth logout
Thanks for all the answers to this question but hitting the back button will work, no authorization required to see the pages all over. Repost problem: I'm having a PHP based auth. It seems that unset($PHP_AUTH_USER) or unset($PHP_AUTH_PW) doesn't work. Also, 401 Unauthorized header does not work also. Is there a way to logout and no back button or the user just have to close his browser in order to accomplish this? Thanks all, Alex [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] php auth user
Hi people We all know we use PHP_AUTH_USER for login auhenthication, how about when we need to logout? Can we just simply link them to someplace else or do we need to anything special beside normal link? cheers Jack[EMAIL PROTECTED]"Love your enemies, it will drive them nuts"
Re: [PHP] PHP auth... a little help :)
This is the file I include, works for me. cookie.egn just sets the session
variable 'SessionID' and database.egn just has my fetch_db_value functions.
Email me if you have any more questions.
http://www.php.net/manual/en/features.http-auth.php
?
include_once('cookie.egn');
include_once('database.egn');
function bad_passwd()
{
echo "You have entered an invalid password.br\n";
exit();
}
if ( isset($PHP_AUTH_USER) AND isset($PHP_AUTH_PW) AND $peop_r =
fetch_db_value('people_manager', "WHERE username = '$PHP_AUTH_USER' AND
password = '$PHP_AUTH_PW' ") )
$SessionID = $peop_r['peopleID'];
else
{
Header("WWW-Authenticate: Basic realm='$SERVER_NAME' ");
Header("HTTP/1.0 401 Unauthorized");
bad_passwd();
}
?
--
Chris Lee
Mediawaveonline.com
[EMAIL PROTECTED]
""Brandon Orther"" [EMAIL PROTECTED] wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
Hello,
Does anyone have a tutorial on using encrypted passwords for user AUTH?
Flat
file or Database
Thank you,
Brandon Orther
WebIntellects Design/Development Manager
[EMAIL PROTECTED]
800-994-6364
www.webintellects.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
