Hi there!I want to know how to reload the following script of mine by using
a cookie.If the cookie expires the user must lgin again.I can get it right
to reload the authentication script
This is my code im using in my secure pages :
require_once("inc/db.inc");
if(!isset($Cookie)){
include("quick_auth.php");
unset($PHP_AUTH_USER);
}else{
//echo "<br>Cookie is set";
session_start();
//register session variables.
session_register('userid');
session_register('username');
session_register('useremail');
}
//Now get data from tables so that we can authenticate the users that has
admin rights etc etc.:
$query = "SELECT user_type
FROM staffinfo
WHERE createdate = '$userid'";
echo "<br>Ueserid = $userid";
$row = db_array($query);
if($row[0])
{
$intcom_authtype = $row[0];
}else{
$intcom_authtype = "x";
}; //end if $row[0]
$right['p'] = "power user";
$right['n'] = "normal user";
$right['x'] = "no user";
echo "<br>This user has ".$right[$intcom_authtype]." rights";
//////////////////////////////////////////END OF
AUTHENTICATION///////////////////////////////////////
This is my quick_auth.php :
Its is basically the same as in the manual!
//require_once("inc/db.inc");
function recall()
{
Header("WWW-Authenticate: Basic realm=\"Intranet Authentication\"");
Header("HTTP/1.0 401 Unauthorized");
echo "Sorry, you have to authenticate to gain access.\n";
exit;
} //end of function recall
if(!isset($PHP_AUTH_USER))
{
Header("WWW-Authenticate: Basic realm=\"Intranet Authentication\"");
Header("HTTP/1.0 401 Unauthorized");
echo "Sorry, you have to authenticate to gain access.\n";
exit;
}else{
$email = $PHP_AUTH_USER;
$password = $PHP_AUTH_PW;
if(!strrchr($email,"@")){$email=$email."@ford.co.za";}
$query = "SELECT createdate,lastupdate,password,email,name
FROM staffinfo
WHERE email = '$email'";
$row = db_array($query);
$createdate_t = $row[0];
$lastupdate_t = $row[1];
$password_t = strtolower($row[2]);
$email_t = $row[3];
$name = $row[4];
$password = substr($password,0,20);
if((strtolower($password)!=$password_t) || (!$password))
{
recall();
}else{
$CookieString=$createdate_t."&".$email_t;
SetCookie("Cookie",$CookieString,time()+10); //setting new cookie
$userid = $createdate_t; //We use the creation date as our user id.
$username = $name;
$useremail = $email_t;
//initiate session
session_start();
//register session variables.
session_register('userid');
session_register('username');
session_register('useremail');
}; //if password correct
}; //if information submitted
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
