Create the authentication form which submit the page to a php ... there you
verify first if the user and password are ok then you make something like
this:
if ($username='ok' && $password='ok')
session_start();
session_register('username');
session_register('id_user');
}
after this in all protected pages you have to add in first line something
like this:
<?php
session_start();
if (!isset($HTTP_SESSION_VARS['username'])){
header("Location:login.php");
}
//the page code here
?>
You may even enter the session_start and if into a different page and on top
of every page to write :
<?php
require_once('verify_auth.php');
//the page code here
?>
and the user will be automatically redirected to the login page if is not
logged in.
If is not this the problem explain me what I have miss understood and I will
send you the exact code. Sorry, I don't have time to read all the messages
in this topic.
By
--
-------------------------------------------------
Cristian MARIN - Developer
InterAKT Online (www.interakt.ro)
Tel: +4021 312.53.12
Tel/Fax: +4021 312.51.91
[EMAIL PROTECTED]
"Guru P Chaturvedi" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> Hi Neil,
>
> Well is it basically to collect user name and password from user? What
> actually i am looking for is skipping this screen and having the same
> functionality thru a HTML form.
>
> Lemme explain you in details... I have a set of files protected using the
> Auth Directives. So user's need to provide user name and password to
access
> these files via browser. Now what i am looking at is using HTML form to
> login like Yahoo! or MSN... but users who login using this method only
> should be able to access files. Are there any ways of doing this... please
> help me out in this regard.
>
> Thanks in advance,
> Guru.
>
> "Neil Smith" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]
> > Try this. Please note that on windows you *cannot* raise a http auth box
> > this way (PHP_AUTH_USER is not defined for Apache on windows), so you
will
> > need to use this on your live unix Apache/PHP server :
> >
> > function getUserAuthPW() {
> > // If present, set user Authenticate Password box values
> > global $_SERVER;
> > if (isset($_SERVER["PHP_AUTH_USER"])) {
> >
$username=safestring($_SERVER["PHP_AUTH_USER"]);
> > $password=safestring($_SERVER["PHP_AUTH_PW"]);
> > return true;
> > } else {
> > header("WWW-Authenticate: Basic
> > realm=\"CaptionKit\"");
> > header("HTTP/1.0 401 Unauthorized");
> > echo "You must enter a valid login ID and
> password
> > to access this resource\n";
> > exit;
> > }
> > }
> >
> > What this does is to check for PHP_AUTH_USER and if it's not defined,
> > raises a 401 error. The client interprets this as a request to enter
user
> > name & password, and brings up the grey box you see using .htaccess /
> > .htpasswd files. The function safestring just adds slashes if there
are
> > characters which need escaping for your database (some people might just
> > 'addslashes()' but I do a little more first, like trim and
> htmlspecialchars).
> >
> > Cheers - Neil Smith.
> >
> > Please note : I do not accept email from hotmail, yahoo, AOL or msn
> > accounts. All such mail *will* be bounced and deleted without being
read.
> > Thankyou for your understanding.
> >
> > At 07:36 16/06/2003 +0000, you wrote:
> > >Message-ID: <[EMAIL PROTECTED]>
> > >To: [EMAIL PROTECTED]
> > >Reply-To: "Guru P Chaturvedi" <[EMAIL PROTECTED]>
> > >From: "Guru P Chaturvedi" <[EMAIL PROTECTED]>
> > >Date: Mon, 16 Jun 2003 01:16:53 +0530
> > >Subject: Re: User Authentication...
> > >MIME-Version: 1.0
> > >
> > >Hi,
> > >
> > >Any clues...please?!
> >
>
>
--
PHP Windows Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
