Re: [PHP] newbie php authentication quest.

Thu, 15 Mar 2001 09:38:14 -0800 

this works for me

<?
 include_once('cookie.egn');
 include_once('database.egn');

 function bad_passwd()
 {
  echo "You have entered an invalid password.<br>\n";
  exit();
 }

 if ( isset($PHP_AUTH_USER) AND isset($PHP_AUTH_PW) AND $peop_r = 
fetch_db_value('people_manager', "WHERE username = '$PHP_AUTH_USER' AND password = 
'$PHP_AUTH_PW' ") )
  $SessionID = $peop_r['peopleID'];
 else
 {
  Header("WWW-Authenticate: Basic realm='$SERVER_NAME' ");
  Header("HTTP/1.0 401 Unauthorized");
  bad_passwd();
 }
?>


-- 

 Chris Lee
 [EMAIL PROTECTED]





""Christian Boesch"" <[EMAIL PROTECTED]> wrote in message 
016a01c0ad3a$af9bddf0$ae66aac1@cbook">news:016a01c0ad3a$af9bddf0$ae66aac1@cbook...
hi
i want to protect a page (lets say its name is test.php) with
authentication.
therefore i included auth.php as follows:

test.php:
<?php
include "mysql.inc.php";    //open database link
include "auth.php";
authentication();
.....?>

this is auth.php:

<?php
function authentication()
{
  if(!isset($PHP_AUTH_USER))
  {
    Header("WWW-Authenticate: Basic realm=\"test Realm\"");
    Header("HTTP/1.0 401 Unauthorized");
    echo "you canceled the authentication, access denied\n";
    exit;
  }
  else
  {
    $query="select * from users where user='$PHP_AUTH_USER' and
pass='$PHP_AUTH_PW'";
    $result = mysql_query($query,$link);
    $num = mysql_numrows($result);
    if($num==1)
    {
 return;
    }
    else
    {
      echo "wrong user or password";
      exit;
    }
  }
}
?>

the problem is that when i want to open test.php i get the authentication
box, then i enter username and password
and then i get again this box. i can enter the user and passwd 3 times, then
i get the error message "you canceled
the authentication" form my auth.php function.
but when i copy the source code from auth.php to a new file without as
function {} and substitute the return with echo "hi";
it works.
has anyone an idea.
thanks
chris


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to