On May 28, 2010, at 9:43 PM, Jason Pruim wrote:
Hey Everyone,
So I'm sitting here on a friday night trying to figure out how in
the world I'm going to fix an issue that should probably be simple
to me but is escaping me at the moment
Take this authentication function:
?PHP
On Sat, 2010-05-29 at 07:40 -0400, Floyd Resler wrote:
On May 28, 2010, at 9:43 PM, Jason Pruim wrote:
Hey Everyone,
So I'm sitting here on a friday night trying to figure out how in
the world I'm going to fix an issue that should probably be simple
to me but is escaping me at
On May 29, 2010, at 12:02 AM, Nathan Nobbe wrote:
On Fri, May 28, 2010 at 7:43 PM, Jason Pruim li...@pruimphotography.com
wrote:
Hey Everyone,
So I'm sitting here on a friday night trying to figure out how in
the world I'm going to fix an issue that should probably be simple
to me
On Fri, May 28, 2010 at 7:43 PM, Jason Pruim li...@pruimphotography.comwrote:
Hey Everyone,
So I'm sitting here on a friday night trying to figure out how in the world
I'm going to fix an issue that should probably be simple to me but is
escaping me at the moment
Take this
2009/1/23 Jesus Campos jesus...@cm-barcelos.pt
Hi there,
I would like to create a application that can be able to authenticate by
client certificate.
Can I make this by apache/php? Anyone can recomend me documantation?
Thanks,
JCampos
http://www.php.net/unsub.php
Hey,
I do not really
On Thu, 2008-05-29 at 14:20 -0600, DeadTOm wrote:
So the user comes to the site and they're presented with a log in page.
They enter their username and password and php checks a mysql database for
a matching username and password.
In the case of a match, php then sets a cookie on their browser
On Thu, 29 May 2008 14:20:02 -0600 (MDT)
DeadTOm [EMAIL PROTECTED] wrote:
So the user comes to the site and they're presented with a log in
page. They enter their username and password and php checks a mysql
database for a matching username and password.
In the case of a match, php then sets
Hello ,
Those code doesn't mean anything to client browser, you may session cookie
problem. Please check php.net online manual about it.
Regards
Sancar
On Saturday 04 August 2007 18:20:49 Brian Seymour wrote:
I mostly use Firefox but still I check to make sure everything works in IE7
and
Correct Stut, I want transparent authentication, but I also want to have the
currently logged in user name pulled so I can use it for tracking purposes.
My application deals with very sensitive company information and I want to
pull the username for tracking purposes. I have everything running
Dan Shirah wrote:
Correct Stut, I want transparent authentication, but I also want to have
the currently logged in user name pulled so I can use it for tracking
purposes. My application deals with very sensitive company information
and I want to pull the username for tracking purposes. I have
Dan,
i realize i misunderstood the original question. am i to understand you
have php running
on all of the client machines ?
thanks,
-nathan
On 7/31/07, Dan Shirah [EMAIL PROTECTED] wrote:
Correct Stut, I want transparent authentication, but I also want to have
the
currently logged in
Dan Shirah wrote:
I looked on PHP.net but I couldn't not find anything suitable to answer my
question.
Within PHP, is there a way to pull the name of the user that is currently
logged into the PC?
I know with some of the _SERVER functions you can pull the IP of the machine
and other data, is
I looked on PHP.net but I couldn't not find anything suitable to answer my
question.
Within PHP, is there a way to pull the name of the user that is currently
logged into the PC?
I know with some of the _SERVER functions you can pull the IP of the machine
and other data, is there a function
On 7/27/07, Dan Shirah [EMAIL PROTECTED] wrote:
All,
I looked on PHP.net but I couldn't not find anything suitable to answer my
question.
Within PHP, is there a way to pull the name of the user that is currently
logged into the PC?
I know with some of the _SERVER functions you can pull
on *.nix you could do something like
$users = explode(' ', `users`);
$users will then be an array w/ the usernames of the currently logged in
users.
user names may appear more than once, per the users documentation.
no clue or care on windows for me :)
-nathan
On 7/27/07, Dan Shirah [EMAIL
Maybe this: $_SERVER['PHP_AUTH_USER']
http://www.php.net/manual/en/reserved.variables.php#reserved.variables.server
Regards,
Carlton Whitehead
- Original Message -
From: Dan Shirah [EMAIL PROTECTED]
To: php-general php-general@lists.php.net
Sent: Friday, July 27, 2007 1:51:51 PM
[EMAIL PROTECTED] wrote:
Maybe this: $_SERVER['PHP_AUTH_USER']
http://www.php.net/manual/en/reserved.variables.php#reserved.variables.server
Regards,
Carlton Whitehead
- Original Message -
From: Dan Shirah [EMAIL PROTECTED]
To: php-general php-general@lists.php.net
Sent: Friday, July
On Fri, July 27, 2007 12:51 pm, Dan Shirah wrote:
I looked on PHP.net but I couldn't not find anything suitable to
answer my
question.
Within PHP, is there a way to pull the name of the user that is
currently
logged into the PC?
That data is not transmitted, by design, in an HTTP request.
My application is only used within my company. I want to pull the NT
Authenticated user that is logged in, cross reference that user with what I
have pulled from ldap and verify the user's name is valid. If the username
is valid I will assign it to a variable and use that variable to store the
]
To: [EMAIL PROTECTED]
Cc: php-general php-general@lists.php.net
Sent: Friday, July 27, 2007 11:02 PM
Subject: Re: [PHP] Authentication
My application is only used within my company. I want to pull the NT
Authenticated user that is logged in, cross reference that user with what
I
have pulled from ldap
[snip]
My application is only used within my company. I want to pull the NT
Authenticated user that is logged in, cross reference that user with
what I
have pulled from ldap and verify the user's name is valid. If the
username
is valid I will assign it to a variable and use that variable to store
On Fri, July 27, 2007 4:02 pm, Dan Shirah wrote:
My application is only used within my company. I want to pull the NT
Authenticated user that is logged in, cross reference that user with
what I
have pulled from ldap and verify the user's name is valid. If the
username
is valid I will assign
Dan Shirah wrote:
My application is only used within my company. I want to pull the NT
Authenticated user that is logged in, cross reference that user with what I
have pulled from ldap and verify the user's name is valid. If the username
is valid I will assign it to a variable and use that
On Friday 27 July 2007 20:51:51 Dan Shirah wrote:
All,
I looked on PHP.net but I couldn't not find anything suitable to answer my
question.
Within PHP, is there a way to pull the name of the user that is currently
logged into the PC?
I know with some of the _SERVER functions you can pull
From: Dan Shirah [EMAIL PROTECTED]
All,
I looked on PHP.net but I couldn't not find anything suitable to answer my
question.
Within PHP, is there a way to pull the name of the user that is currently
logged into the PC?
I know with some of the _SERVER functions you can pull the IP of the
On Fri, April 29, 2005 8:50 am, Yavuz S. Atmaca said:
$sql = SELECT user_id
FROM tbl_auth_user
WHERE user_id = '$userId' AND
user_password = PASSWORD('$password');
Did you use the PASSWORD function when you inserted your passwords, or are
they just plain-text?
Ali a écrit :
if ( ( !isset( $PHP_AUTH_USER )) || (!isset($PHP_AUTH_PW))
|| ( $PHP_AUTH_USER != 'user' ) || ( $PHP_AUTH_PW != 'open' ) ) {
Better use $_SERVER['PHP_AUTH_USER'] instead of $PHP_AUTH_USER
and $_SERVER['PHP_AUTH_PW'] instead of $PHP_AUTH_PW.
Chapter 33. HTTP authentication with
Hi Ali,
Visit
http://zareef.users.phpclasses.org/browse/class/21.html
You will find a lot of code.
zareef ahmed
On Tue, 28 Dec 2004 13:12:14 +1030, Ali [EMAIL PROTECTED] wrote:
Hi everyone...
can anyone lead me to a good tutorial on authentication...it wud be good if
i can get a one in
Ali wrote:
can anyone lead me to a good tutorial on authentication...it wud be good if
i can get a one in connection with a database..
$all_good = query(SELECT valid_user FROM table);
or use Google.
--
---John Holmes...
Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/
php|architect: The
Bruno B B Magalhães wrote:
Hi guys,
well, I wrote a class for a big project (a framework), and here it
is, I was wondering if someone have any suggestions regarding
flexibility and security.
Wow it's the most artistic piece of php i have ever seen.
--
Raditha Dissanayake.
Is this good or bad? heheh!
Regards,
Bruno B B Magalhaes
On Nov 16, 2004, at 3:31 PM, raditha dissanayake wrote:
Bruno B B Magalhães wrote:
Hi guys,
well, I wrote a class for a big project (a framework), and here it
is, I was wondering if someone have any suggestions regarding
flexibility and
On Tue, 2 Nov 2004 13:48:30 -0500, Kelly Meeks [EMAIL PROTECTED] wrote:
I need to require username/password access in two distinct ways.
PHP Generic Access Control Lists
http://phpgacl.sourceforge.net/
--
Greg Donald
Zend Certified Engineer
http://gdconsultants.com/
http://destiney.com/
Do you mean using
$file = '/protected/file.pdf';
or using an absolute path on the server?
Best Regards,
Scott
Subject:
Re: [PHP] authentication problems!
From:
Luke [EMAIL PROTECTED]
Date:
Wed, 21 Jan 2004 14:24:11 +1100
To:
[EMAIL PROTECTED]
Yeah, i think i mentioned the same thing
by using HTML I meant, typing the address in to the broswer as
http://username:[EMAIL PROTECTED]/protected/file.pdf or as using the
HTML: a
href=http://username:[EMAIL PROTECTED]/protected/file.pdfLink.../a
or using the header: header(Location:
http://username:[EMAIL
On Wednesday 21 January 2004 05:49, Scott Taylor wrote:
Please trim your posts!
Of course there is not problem if the user is entering the information
him or her self. But just using this code:
$file = 'http://miningstocks.com/protected/Dec03PostPress.pdf';
//now view the
Yeah, i think i mentioned the same thing(or was going to :/ )
you should be able to use the local filesystem, and reffer to it relatively!
and then you can stream it and you wont need any authentication, and noone
will be able to directly link to the file
--
Luke
Jason Wong [EMAIL PROTECTED]
--- Robert Sossomon [EMAIL PROTECTED] wrote:
I currently use a .htaccess file for users to login, and now I need
to make some changes to how the site works.
I need to be able to have the users login, and once that is done the
login needs to be used to pass through the database.
Search PEAR
Message-
From: Chris Shiflett [mailto:[EMAIL PROTECTED]
Sent: Tuesday, December 16, 2003 11:53 AM
To: Robert Sossomon; [EMAIL PROTECTED]
Subject: Re: [PHP] Authentication
--- Robert Sossomon [EMAIL PROTECTED] wrote:
I currently use a .htaccess file for users to login, and now I need
~~~
-Original Message-
From: Chris Shiflett [mailto:[EMAIL PROTECTED]
Sent: Tuesday, December 16, 2003 11:53 AM
To: Robert Sossomon; [EMAIL PROTECTED]
Subject: Re: [PHP] Authentication
--- Robert Sossomon [EMAIL PROTECTED] wrote:
I currently use a .htaccess file for users to login
--- Robert Sossomon [EMAIL PROTECTED] wrote:
I am not trying to authenticate off of a database though. I have
scripts that automatically modify the .htaccess file as I change a
user, so I need to authenticate off the .htaccess file and store
the users information into a cookie. I think from
Duh, OK, Now I REALLY feel stupid. With the current setup using the
.htaccess files and everything I have in place all I needed to do was
get the information from: $_SERVER['PHP_AUTH_USER'] and
$_SERVER['PHP_AUTH_PW']. I kept thinking I had to use PHP to set those
values. Thanks guys!! Works
* Thus wrote BhongOng ([EMAIL PROTECTED]):
Hi,
I have some questions. Is it possible to pass login data such
as username and password to the HTTP Basic Authentication
dialog box from PHP? How do you code that?
I know for sure with Basic authentication you can't.
Is it also possible to
Doug,
On Thursday, July 3, 2003, at 05:42 AM, Doug Essinger-Hileman wrote:
Now I need to learn how to take the incoming message and process it.
I am assuming that the processing can be done by php. Any
suggestions, either on how to do this, or where I might learn how to
do this?
The simple
there's a good example in this article
A Complete, Secure User Login System
by Tim Perdue
http://www.phpbuilder.com/columns/tim2505.php3
olinux
On 2 Jul 2003 at 13:00, Mike Migurski wrote:
You may find it easier to include, in the e-mail,
a
uniquely-generated, limited-time URL
At the point where they fill out the registration form, I am sending them
an email, informing them that they have been registered. On many sites
I've gone to, the process then includes a requirement that the person
reply to the message.
Now I need to learn how to take the incoming message and
On 2 Jul 2003 at 13:00, Mike Migurski wrote:
You may find it easier to include, in the e-mail, a
uniquely-generated, limited-time URL that the person can visit to
verify that they have received the e-mail. This will remove the burden
of having to set up a system that responds to e-mail
Beauford.2002 wrote:
I am looking for a simple authentication script that uses MySQL. I have
downloaded about 10 of them (most with no instructions on it's use), but
even at that they are not what I need.
The PEAR project has 7 different authentication packages, including Auth
which I
At 07:02 02.03.2003, Sunfire said:
[snip]
basic question about www-authenticate header...(least i hop its simple)
i have the code:
?php
header(WWW-Authenticate: basic realm='a realm');
header(HTTP/1.0 402 Unauthorized);//dont understand
//what this line does
Is it the Win IIS authentication system ??? or apache .htaccess
Daniel E Massón.
Ingeniero de desarrollo
[EMAIL PROTECTED]
Imagine S.A.
Su Aliado Efectivo en Internet
www.imagine.com.co
(57 1)2182064 - (57 1)6163218
Bogotá - Colombia
I don't think the process is an extra step at all. In fact, it's just a
trade off using one or the other. You can either login using php and a
database backend or just authenticate using .htaccess directives.
In my case (a few months back) what I was trying to do was offer up a
single login page
[EMAIL PROTECTED] schrieb:
I don't think the process is an extra step at all. In fact, it's just a
trade off using one or the other. You can either login using php and a
database backend or just authenticate using .htaccess directives.
snip
On Mon, 3 Feb 2003, Chris Shiflett wrote:
Goetz Lohmann schrieb:
[EMAIL PROTECTED] schrieb:
I don't think the process is an extra step at all. In fact, it's just a
trade off using one or the other. You can either login using php and a
database backend or just authenticate using .htaccess directives.
snip
On Mon, 3 Feb 2003,
--- Chris Winters [EMAIL PROTECTED] wrote:
If you by chance come across a secure area that prompts
the username and passcode to a folder
Can you rephrase that? I can't tell what you are talking
about. Does a separate window pop up prompting for a
username and password, or is this part of the
Sorry about that.
What I meant was for example, sometimes I come across protected sites that
require a username and passcode. So, if one was to protect a directory or
folder, a regular dialog will appear for username and passcode prompt within
the web browser. I was researching some variables
--- Chris Winters [EMAIL PROTECTED] wrote:
So, if one was to protect a directory or folder, a
regular dialog will appear for username and passcode
prompt within the web browser. I was researching some
variables that I came across which is called
$PHP_AUTH_USER, $PHP_AUTH_PW, and
Chris,
Exactly. I am relying on the webserver to provide the restrictions.
Now my next question:
what functions should I utilize or come close to to do it? There isnt any
PHP pages directed towards teh directory itself. Its is just a hard link to
the protected areas. Are there any functions that
There is a way to supposedly do this by authenticating a username and
password through php first through such methods as database lookups and
then passing the username and password through $PHP_AUTH_USER and
$PHP_AUTH_PW using the header() command to point to the URL of the
.htaccess protected
I'm sorry the line should have been...
header(Location:http://$PHP_AUTH_USER:$[EMAIL PROTECTED];);
Ed
On Mon, 3 Feb 2003 [EMAIL PROTECTED] wrote:
There is a way to supposedly do this by authenticating a username and
password through php first through such methods as database lookups and
There is a way to supposedly do this by authenticating
a username and password through php first through such
methods as database lookups and then passing the
username and password through $PHP_AUTH_USER and
$PHP_AUTH_PW using the header() command to point to the
URL of the .htaccess
Read this:
http://www.php.net/features.http-auth
Regards,
Philip
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Hi Justin,
Thanks for that link, looks pretty interesting. I'll take a closer read later.
Cheers,
Jord
--
Jordan Elver
Eagles may soar high, but weasels don't get sucked into jet engines. -- David
Brent (The Office)
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit:
Devarticles has a series of Authentication tutorails and the a tutorial on
OOP itself. Here are the links:
http://www.devarticles.com/art/1/349
-- Member Script Tutorial: --
-- There are 6 parts --
http://www.devarticles.com/art/1/241
http://www.devarticles.com/art/1/245
on 15/01/03 7:07 AM, Jordan Elver ([EMAIL PROTECTED]) wrote:
Hi,
I'm about to start a new project which will require a login system. The system
should allow for different types of access on a per page basis. I'm going to
achieve the login system using sessions, which I have done before.
My
Jackson,
It really depends on what you are wanting to protect, but in most cases,
it is better to use a homegrown solution.
If you are interested in why I say this, read on ...
HTTP authentication has two breeds, basic and digest. With basic, the
*authentication* credentials (e.g., name and
Have a look at Kevin Yank's article on sitepoint.com called something like
restricting page access with php and mysql.
It formed the basis of my user and session management.
Basically, you should be re-checking your username and password on every
page, so it shouldn't be too hard to extend this
Use sessions. Create a user_id and pass that as a session variable rather
than the user's actual login and password.
-Original Message-
On my site, when a user logs in, their password is encrypted using md5() and
the username and encrypted password is then passed from page to page using
Sessions make life so much eaiser, in my opinion. I used to do what you do, passing
from one page the next. Now, when a user successfully logs in, ONE line of code
passes all the necessary variables from page to page without me having to do a damn
thing.
I don't personally see TOO much
I agree with Ed. Use sessions.
It's more secure that how you are doing it because theusername is not stored
in the page and retransmitted each page.
=C=
*
* Cal Evans
* The Virtual CIO
* http://www.calevans.com
*
-Original Message-
From: Peter [mailto:[EMAIL PROTECTED]]
Sent:
Lazor, Ed wrote:
Use sessions. Create a user_id and pass that as a session variable rather
than the user's actual login and password.
-Original Message-
On my site, when a user logs in, their password is encrypted using md5() and
the username and encrypted password is then passed from
Chris Shiflett wrote:
How do sessions help against this? Well, they don't solve the problem
entirely, of course, but the unique ID you pass around won't be the same
unique ID *every* time that user visits the site. So, you at least have
a good chance of making the window of time that an
Alberto Serra wrote:
Chris Shiflett wrote:
How do sessions help against this? Well, they don't solve the problem
entirely, of course, but the unique ID you pass around won't be the
same unique ID *every* time that user visits the site. So, you at
least have a good chance of making the
On Thursday 04 July 2002 09:09, Chris Shiflett wrote:
As a caveat to Mr. Serra's suggestion, remember that there are *many*
users who will go through an IP masquerading gateway or proxy, so their
IP may fluctuate, even though they are actively browsing. For this
reason, it is often necessary
Chris Shiflett wrote:
Alberto Serra wrote:
If you want to avoid even this small window, just store on a db file
the session numbers you give away, along with the IP address of the
user who got it. Then when you get a new request for that session
check the IP you are getting it from and
Alberto Serra wrote:
So you mean I have a 32 byte MD5 session id to identify the current
visit, plus another such thing to identify the step within it, right?
But why decrypting it? A presentation attack would give it back to
server in the encrypted form anyway. What do we lose by just
Jason Wong wrote:
On Thursday 04 July 2002 09:09, Chris Shiflett wrote:
As a caveat to Mr. Serra's suggestion, remember that there are *many*
users who will go through an IP masquerading gateway or proxy, so their
IP may fluctuate, even though they are actively browsing. For this
reason, it
On Thu, 4 Jul 2002, Alberto Serra wrote:
As a caveat to Mr. Serra's suggestion, remember that there are *many*
users who will go through an IP masquerading gateway or proxy, so
their IP may fluctuate, even though they are actively browsing. For
this reason, it is often necessary to tolerate
Miguel Cruz wrote:
I'd suggest ignoring IP altogether and focusing on other tactics. There
are just too many pitfalls in trusting IPs and too much user annoyance
possible from not trusting them.
Well, the way I made it admins get emailed each every time a user gets
refused
because of a
On Sat, 11 May 2002 21:21:27 -0400, you wrote:
Trying to get accustomed to PHP 4.2.0 and PHP's preference for
register_globals off, I have register_globals off.
However, when I try to use $PHP_AUTH_USER and $PHP_AUTH_PW, my script fails
(attempting to validate username and password credectials
-
From: Stuart Dallas [EMAIL PROTECTED]
To: Mike P [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Saturday, May 11, 2002 10:03 PM
Subject: Re: [PHP] Authentication with register_globals OFF
On Sat, 11 May 2002 21:21:27 -0400, you wrote:
Trying to get accustomed to PHP 4.2.0 and PHP's preference
There are several ways to do that,
But in your case, I believe the best would be having a page somewhere
and include the protected files.
Alternativelly look into the Chapter 17. of PHP Documentation: HTTP
authentication with PHP
http://it2.php.net/manual/en/features.http-auth.php
Sincerely,
At 23.04.2002 09:52, you wrote:
I have one directory that is protected with an .htaccess file on my server
where I store all member content. What I want to do is have a page where
members can log in, and after they have entered there user name and password
I what the php script to authenticate
16d Tlf.: (47) 2213 5250
0278 OsloFax : (47) 2213 5260
Norway Mob.: (47) 9343 4357
From: [EMAIL PROTECTED]
Date: Tue, 23 Apr 2002 20:43:23 +0200
To: [EMAIL PROTECTED]
Subject: Re: [PHP] authentication
At 23.04.2002 09:52, you
Morten Ronseth wrote:
Anybody know how to revoke the HTTP authentication, i.e. log people out,
using PHP?
You can't
---
Michael Kimsal
http://www.phphelpdesk.com
Guaranteed PHP support when you need it
734-480-9961
--
PHP General Mailing List
Use javascript and close the browser, that's all I can think of.
-Original Message-
From: Michael Kimsal [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, April 23, 2002 3:04 PM
To: [EMAIL PROTECTED]
Subject: Re: [PHP] authentication
Morten Ronseth wrote:
Anybody know how to revoke the HTTP
Brian Drexler wrote:
Use javascript and close the browser, that's all I can think of.
I wasn't aware you could close an entire browser - only
a specific window. If the browser instance has any open windows,
I believe the authentication will still be active.
Michael Kimsal
On Tue, 23 Apr 2002, Morten Ronseth wrote:
Anybody know how to revoke the HTTP authentication, i.e. log people out,
using PHP?
With most browsers, you can send HTTP status 401 and re-send your realm in
the WWW-Authenticate header. The browser will assume its cached
credentials have become
To: Morten Ronseth
Cc: [EMAIL PROTECTED]
Subject: Re: [PHP] authentication
On Tue, 23 Apr 2002, Morten Ronseth wrote:
Anybody know how to revoke the HTTP authentication, i.e. log people out,
using PHP?
With most browsers, you can send HTTP status 401 and re-send your realm in
the WWW
I believe your choices are either:
1. use .htaccess authentication, which is usually constant for the time the
browser program is open.
2. develop your own user/pass system with sessions
I don't believe the two can work hand-in-hand.
Justin French
-
http://indent.com.au
On Wednesday, February 13, 2002, at 08:51 PM, Harry Yu wrote:
Can anyone give me any suggestions or recommendations?
Is there any security concerns? Also, the session
files are in a directory that is not world readable.
I just set up my own first authentication system, and it works very
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
* On 22-01-02 at 13:49
* Nicolas Llamosas said
Where can I find some information about Authentication Pages, login, pass,
using php, apache and mysql?
All the usuall places. Have you not seen these sites:
www.phpbuilder.com
www.devshed.com
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
* On 14-01-02 at 09:48
* Ben Clumeck said
I am new to MySQL and PHP. I am wondering how Authentication through PHP
and MySQL. How does a username and password now where to take that user?
An example is online banking. You enter your
?php
if($namethename and $passthepass)
{
tothis
}
else
{
dothat
}
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
Yes. It works. It is great.
if(!isset($PHP_AUTH_USER) or $PHP_AUTH_USER != myuser or $PHP_AUTH_PW
!= mypassword) {
Header(WWW-Authenticate: Basic realm=\Only authorizeds web\);
Header(HTTP/1.0 401 Unauthorized);
echo ha!\n;
exit;
}
Lynn Holt wrote:
Hi all,
Hi Wilbert,
what I have done in the past (probably not the best way) is to stick a
function call in the top of all pages in that directory which calls a
function that checks for a cookie to see that the person viewing has
actually logged in.
I hope that helps.
Abe
On Mon, 27 Aug 2001, Wilbert
Sent: Tuesday, July 10, 2001 2:36 PM
To: Jack Dempsey; [EMAIL PROTECTED]
Subject: RE: [PHP] Authentication
I am using htpasswd files for the passwords but I took all the
htaccess or mod_auth directives out of httpsd.conf. I guess I could
learn mysql (yeay, maybe later), and infact, that looks like
You should look into sessions...checkout www.phpbuilder.com and other
places throughout the net for tutorials...always use www.php.net as
well...has everything you need...
jack
-Original Message-
From: David Baldwin [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, July 10, 2001 11:41 AM
To:
straight for sessions and mysql
jack
-Original Message-
From: David Baldwin [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, July 10, 2001 2:20 PM
To: Jack Dempsey
Subject: RE: [PHP] Authentication
Hey,
I am closer now but there is this one problem. I put
session_register(PHP_AUTH_USER
I can tell you that I also read that authentication won't work while PHP is
installed as CGI.
Brave Cobra [EMAIL PROTECTED] wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
Hi,
I know it doesn't have a lot to do with PHP, and then again...
I'm trying to get PHP authentication
If you run PHP as a CGI, or as an ISAPI module *without* installing the ISAPI
filter, then IIS will have already dealt with everything to do with headers
before PHP gets a look in. Installing PHP in the ISAPI filters list allows it
to get at the headers and do authentication, however you may
- Original Message -
From: Phil Driscoll [EMAIL PROTECTED]
To: Brave Cobra [EMAIL PROTECTED]; Php-General
[EMAIL PROTECTED]
Sent: Tuesday, June 26, 2001 9:52 AM
Subject: Re: [PHP] Authentication
If you run PHP as a CGI, or as an ISAPI module *without* installing the
ISAPI
filter
1 - 100 of 106 matches
Mail list logo