[PHP] Re: User Authentication Problem
You might get some help if you post only the code relevant to the problem with a clear explanation of the exact problem. Otherwise, I doubt anyone will bother looking through all that code you posted links to. > From: [EMAIL PROTECTED] (Tony Harrison) > Newsgroups: php.general > Date: Sat, 3 Aug 2002 20:31:54 +0100 > To: [EMAIL PROTECTED] > Subject: User Authentication Problem > > Hi, I need to authenticate users on an included page on my website, but the > problem is, I cant get it to work. > view it included at http://members.lycos.co.uk/ajohnh/ (Source at > http://members.lycos.co.uk/ajohnh/source/index.txt) > the actual file: > http://members.lycos.co.uk/ajohnh/templates/twoShea/head.php (source at > http://members.lycos.co.uk/ajohnh/source/head.txt) > the location of the script that sets the cookie (I hard-coded the user and > password combo for user ramonezrule into it): > http://members.lycos.co.uk/ajohnh/templates/twoShea/setcookie.php (source > at: http://members.lycos.co.uk/ajohnh/source/setcookie.txt) > > > > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: User authentication?
Hi Daniel! Phpbuilder have some articles with examples under security. http://www.phpbuilder.com/columns/ Regards Jan Grafstrom Lillemans Hus AB Sweden "Daniel alsén" <[EMAIL PROTECTED]> skrev i meddelandet [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hi, > > do aonyone know of any comprehensive tutorial for user authentication > session managment with php4 sessions and mysql? Preferably with some sort of > code examples? > > I have tried searching the larger code libraries but haven´t found anything > that suits me (the ones i actually got interested in was dead links). > > Regards > # Daniel Alsén| www.mindbash.com # > # [EMAIL PROTECTED] | +46 704 86 14 92 # > # ICQ: 63006462 | # > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] Re: User authentication
> I set up a user-auth script that checks $PHP_AUTH_USER & $PHP_AUTH_PW > against a db with login/pwd information, but on the server my site is hosted > this doens't work because PHP runns as cgi. > > How do I do this with PHP running as a cgi? You can't. You'll have to either: Re-code it to get different variables in a web FORM. Not use PHP at all, and use mod_auth_mysql Use .htaccess instead of PHP (only suitable for small # of users, probably) I think it's a security issue that you'd be passing the username/password from Apache to the CGI in an insecure manner... Don't quote me on that though. -- WARNING [EMAIL PROTECTED] address is an endangered species -- Use [EMAIL PROTECTED] Wanna help me out? Like Music? Buy a CD: http://l-i-e.com/artists.htm Volunteer a little time: http://chatmusic.com/volunteer.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]