Hi all,
I used a script posted in here awhile ago from
http://www.devshed.com/Server_Side/PHP/UserAuth/page1.html
basic tutorial on how to make php session logins.
How can I customize this script so that it is specific to each user.
can I add $f_user.php from the header, or will that output the url as
$f_user.php and fail ?
I figure I would also have to name each file as the username.php also,
right ?
<?
// login.php - performs validation
// authenticate using form variables
$status = authenticate($f_user, $f_pass);
// if user/pass combination is correct
if ($status == 1)
{
// initiate a session
session_start();
// register some session variables
session_register("SESSION");
// including the username
session_register("SESSION_UNAME");
$SESSION_UNAME = $f_user;
// redirect to protected page
header("Location: /example.php");
exit();
}
else
// user/pass check failed
{
// redirect to error page
header("Location: /error.php?e=$status");
exit();
}
// authenticate username/password against a database
// returns: 0 if username and password is incorrect
// 1 if username and password are correct
function authenticate($user, $pass)
{
// configuration variables
// normally these should be sourced from an external file
// for example: include("dbconfig.php");
// variables explicitly set here for illustrative purposes
$db_host = "localhost";
$db_user = "user";
$db_pass = "pass";
$db_name = "mydb";
// check login and password
// connect and execute query
$connection = mysql_connect($db_host, $db_user, $db_pass) or die
("Unable to connect!");
$query = "SELECT uname from users WHERE uname = '$user' AND
pswd = PASSWORD('$pass')";
mysql_select_db($db_name);
$result = mysql_query($query, $connection) or die ("Error in
query: $query. " . mysql_error());
// if row exists -> user/pass combination is correct
if (mysql_num_rows($result) == 1)
{
return 1;
}
// user/pass combination is wrong
else
{
return 0;
}
}
?>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
