Richard Lynch wrote:
phpninja wrote:
I think all php functions are case sensitive and must be all
lowercase. try changing "IsSet" to "isset" and give it a run. I im not
100% sure because i always type every function in php lowercase and
keep it the same throughout the application so i dont ever hav
On 3/4/2005 2:02 PM Richard Lynch wrote:
John Swartzentruber wrote:
I stripped down my original script until it started receiving POST data,
then I kept modifying it until I figured out where the problem was. I
found it, but I'm still as clueless as every.
To summarize: I have a form that posts to
phpninja wrote:
> I think all php functions are case sensitive and must be all
> lowercase. try changing "IsSet" to "isset" and give it a run. I im not
> 100% sure because i always type every function in php lowercase and
> keep it the same throughout the application so i dont ever have to
> worry
John Swartzentruber wrote:
On 3/4/2005 2:23 PM Dan wrote:
phpninja wrote:
I think all php functions are case sensitive and must be all
lowercase. try changing "IsSet" to "isset" and give it a run. I im not
100% sure because i always type every function in php lowercase and
keep it the same througho
On 3/4/2005 2:02 PM Richard Lynch wrote:
John Swartzentruber wrote:
I stripped down my original script until it started receiving POST data,
then I kept modifying it until I figured out where the problem was. I
found it, but I'm still as clueless as every.
To summarize: I have a form that posts to
On 3/4/2005 2:23 PM Dan wrote:
phpninja wrote:
I think all php functions are case sensitive and must be all
lowercase. try changing "IsSet" to "isset" and give it a run. I im not
100% sure because i always type every function in php lowercase and
keep it the same throughout the application so i don
have to
worry about that. Just a thought.
-phpninja
-Original Message-
From: Richard Lynch [mailto:[EMAIL PROTECTED]
Sent: Friday, March 04, 2005 11:03 AM
To: John Swartzentruber
Cc: php-general@lists.php.net
Subject: Re: [PHP] Re: Authentication fails - problem line found
John Swartzentrub
y about that. Just a thought.
-phpninja
-Original Message-
From: Richard Lynch [mailto:[EMAIL PROTECTED]
Sent: Friday, March 04, 2005 11:03 AM
To: John Swartzentruber
Cc: php-general@lists.php.net
Subject: Re: [PHP] Re: Authentication fails - problem line found
John Swartzentruber wrote:
John Swartzentruber wrote:
> I stripped down my original script until it started receiving POST data,
> then I kept modifying it until I figured out where the problem was. I
> found it, but I'm still as clueless as every.
>
> To summarize: I have a form that posts to the same script that contains
>
I stripped down my original script until it started receiving POST data,
then I kept modifying it until I figured out where the problem was. I
found it, but I'm still as clueless as every.
To summarize: I have a form that posts to the same script that contains
the form. In its original state, w
On 3/2/2005 5:21 PM Richard Lynch wrote:
John Swartzentruber wrote:
ServerName john.swartzentruber.us
ServerAdmin webmasXXXtzentruber.us
DocumentRoot "/var/www/vhosts/swartzentruber.us/john/html"
AllowOverride AuthConfig
Options Indexes Includes FollowSymLinks
John Swartzentruber wrote:
>
> ServerName john.swartzentruber.us
> ServerAdmin webmasXXXtzentruber.us
> DocumentRoot "/var/www/vhosts/swartzentruber.us/john/html"
>
>
> AllowOverride AuthConfig
> Options Indexes Includes FollowSymLinks
> Order al
On 3/2/2005 2:29 PM Richard Lynch wrote:
I've got some more information and I hope someone can help me figure out
the problem. I changed my original PHP program so that the form action
script is a different script. In that file, I just do a var_dump on
$_POST and $_SERVER.
When I do that, it looks
> I've got some more information and I hope someone can help me figure out
> the problem. I changed my original PHP program so that the form action
> script is a different script. In that file, I just do a var_dump on
> $_POST and $_SERVER.
>
> When I do that, it looks like all of the data comes th
>> On the other hand, when the form action script is the *same* script that
>> contains the form, when I do the same var_dumps, the data does *not*
>> have any $_POST data. Also, the _SERVER[REQUEST_METHOD] is "GET", not
>> "POST" in this instance.
>
> My suspicion was that this was what had happen
On 3/2/2005 9:22 AM Jason Barnett wrote:
On the other hand, when the form action script is the *same* script that
contains the form, when I do the same var_dumps, the data does *not*
have any $_POST data. Also, the _SERVER[REQUEST_METHOD] is "GET", not
"POST" in this instance.
My suspicion was tha
>
> I've got some more information and I hope someone can help me figure out
> the problem. I changed my original PHP program so that the form action
> script is a different script. In that file, I just do a var_dump on
> $_POST and $_SERVER.
>
> When I do that, it looks like all of the data come
On 3/1/2005 3:52 PM John Swartzentruber wrote:
On 3/1/2005 2:12 PM Jason Barnett wrote:
John Swartzentruber wrote:
Somehow my PHP 5.0.3 or something is configured incorrectly. When I try
to get past an authentication input, nothing happens. For example, I
have phpMyAdmin configured now to use mysql
On 3/1/2005 2:12 PM Jason Barnett wrote:
John Swartzentruber wrote:
Somehow my PHP 5.0.3 or something is configured incorrectly. When I try
to get past an authentication input, nothing happens. For example, I
have phpMyAdmin configured now to use mysqli, but when I enter the
username and password,
John Swartzentruber wrote:
> Somehow my PHP 5.0.3 or something is configured incorrectly. When I try
> to get past an authentication input, nothing happens. For example, I
> have phpMyAdmin configured now to use mysqli, but when I enter the
> username and password, the screen doesn't change. In pre
Ali wrote:
Hi everyone...
can anyone lead me to a good tutorial on authentication...it wud be good if
i can get a one in connection with a database..
thnks
If you understand portuguese: http://www.educar.pro.br/
---
zerof
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit:
On Friday 06 February 2004 01:13, Jas wrote:
> Adam Williams wrote:
> > Hi, is there a way to authenticate a username/password someone enters in
> > a form with what is in /etc/passwd?
> Yep, do a search on .htaccess from http://google.com
I'm afraid you may be sending the OP on a wild goose chas
Adam Williams wrote:
Hi, is there a way to authenticate a username/password someone enters in a
form with what is in /etc/passwd?
Thanks!
Yep, do a search on .htaccess from http://google.com
Cheers,
jas
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/un
Transmit Report:
To: [EMAIL PROTECTED], 402 Local User Inbox Full ([EMAIL PROTECTED])
--- Begin Message ---
John Taylor-Johnston wrote:
> if($PHP_AUTH_USER != "user1") || ($PHP_AUTH_PW != "password")
>
> ... or somehting like that. I can't find it in the manual, but it is
> there someplace.
>
John Taylor-Johnston wrote:
> if($PHP_AUTH_USER != "user1") || ($PHP_AUTH_PW != "password")
>
> ... or somehting like that. I can't find it in the manual, but it is
> there someplace.
>
> Adam Williams wrote:
>
>> Hi, is there a PHP function or some sort of way to have a user enter
>> their use
Found this too:
You are not authorised to enter the site
\n";
exit;
} else {
if (!($conn=ora_logon("[EMAIL PROTECTED]",$PHP_AUTH_PW))) {
Header("WWW-authenticate: basic realm=\"$SID\"");
Header("HTTP/1
if($PHP_AUTH_USER != "user1") || ($PHP_AUTH_PW != "password")
... or somehting like that. I can't find it in the manual, but it is there someplace.
Adam Williams wrote:
> Hi, is there a PHP function or some sort of way to have a user enter their
> username and password in a form, and compare the
Just never do it period...that is the best habit to have...
That is poor coding on the programmers part...
On Fri, 2002-11-15 at 00:59, Maxim Maletsky wrote:
> using this method for a production environment is incredibly vulnerable.
> Just think of having a link on that page to some other site (o
using this method for a production environment is incredibly vulnerable.
Just think of having a link on that page to some other site (or even having
a third-party banner displayed) on which there is a hit counter (and on
90% there are) those can simply read the link in their logs.
Never ever use
I've tried both methods without success.
header("Location: http://(user):(pass)@www.mysite.com"); does the transfer
but I still get prompted for a username and password by Apache
readfile("http://(user):(pass)@www.mysite.com"); brings a warning message.
Warning: readfile("http://...@;www.mysite
very true :)
thx - I will keep that in mind...
"Chris Shiflett" <[EMAIL PROTECTED]> schrieb im Newsbeitrag
news:3DC71CBE.2050703@;php.net...
> You can "hide" URLs by fetching them with one of your own PHP scripts:
>
>
> readfile("http://user:password@;www.site.com/");
> ?>
>
> I think it might
You can "hide" URLs by fetching them with one of your own PHP scripts:
http://user:password@;www.site.com/");
?>
I think it might be at least better than frames. :-)
Chris
silver wrote:
you could use this URL syntax:
http://user:password@;www.site.com to automatically log your user in to the
hi - I'm not quite sure if this will help you, but lets give it a try:
you could use this URL syntax:
http://user:password@;www.site.com to automatically log your user in to the
htaccess protected area. the bad thing about it is that user / password show
up in the URL, but you could hide this inf
>I have a user authentication system using sessions
>it checks username and password against a database.
>if correct it sets a variable in the session cookie (via $_SESSION) and
>redirects to the protected page which checks for that variable.
>if the user/pass is wrong it redirects to an error pag
>On my site, when a user logs in, their password is encrypted using md5() and
>the username and encrypted password is then passed from page to page using
>hidden form inputs (clicking on a link submits the form using POST).
>Does anyone have any comments on this method e.g. security wise? I know I
"Harry Yu" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi All,
>
> I'm trying to setup an authentication process and
> sessions to protect some of my pages for valid users
> only. The following are what I had in mind:
>
> [...]
Well, looks fine to me, exce
Create another table with info of accounts.
Auth_table
username(varchar)
password(varchar)
acno(int)
accounts_info_table
acno(int)
info1
info2()
Pass a query
==
select * from accounts_info_table where acno==$abc
==
here $abc is the info you extrac
Create another table with info of accounts.
Auth_table
username(varchar)
password(varchar)
acno(int)
accounts_info_table
acno(int)
info1
info2()
Pass a query
==
select * from accounts_info_table where acno==$abc
==
here $abc is the info you extrac
I cannot quote any statistics for you, but I think I can answer your
question anyway.
When you use htaccess along with htpassword or authmysql, everytime a person
requests a page in a protected dirtectory apache has to access the htaccess
file, determine the type of authentication to use and then
Well, your the expert, so I'll look into this further, but do you have
any statistics, or a guess, as to the load auto_prepending an entire
site would add to a server?
I've always been under the impression that adding PHP to every page will
add significant load. I'm not familiar enough with sess
($userid == "somename2" && $password == "somepassword2") ||
($userid == "somename3" && $password == "somepassword3")) {
Martin
-Original Message-
From: Gaylen Fraley [mailto:[EMAIL PROTECTED]]
Sent: Friday, October 26, 2001 2:01
Here would be one of many ways. This assumes that login.php and index.php
are in the same directory.
login.php
User
Password
--
Gaylen
[EMAIL PROTECTED]
http://www.gaylenandmargie.com
PHP KISGB v2.1 Guestbook http://www.gaylenandmargie.com/phpwebsite
"Norman Zhang" <[EMAIL PROTE
AIL PROTECTED]>
To: "Gert Mellak" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Monday, August 27, 2001 9:27 PM
Subject: Re: [PHP] Re: authentication
> It seems like there would be several problems with doing it this way.
> The most obvious is what happens whe
hi!
I ever solve this problem with sessions... when a user does the login, I
have
session_start();
session_register("allowed");
$allowed = true;
and on the top of all the other sites, where just "special" users are
allowed to go in, there is a
include ("checkAllowed.php");
checkAllowed.php ju
44 matches
Mail list logo
