August 29th, 1999, 12:49 PM
|
|
Guest
|
|
Posts: n/a
Time spent in forums:
Reputation Power:
|
|
|
I am trying to use HTML's basic realm authentication scheme. Unfortunately either it ends up not allowing any one to get in or it let any body to get in.
I have setup users to register themselves in a mySQL registration database. How can I check the entered password with the one in the database?
I know the code is getting ugly since I have not much experience in using PHP.
Can some one help...
Here is the code ...
Thanks
<?php
function authenticate() {
Header( "WWW-authenticate: basic realm='My Authentication System'");
Header( "HTTP/1.0 401 Unauthorized");
echo "You must enter a valid login ID and password to access this resourcen";
exit;
}
if (!isset($PHP_AUTH_USER) && !isset($PHP_AUTH_PW)&& !isset($userpasswd)){
authenticate();
}
else {
mysql_connect("localhost", "webuser", "");
$query = "SELECT passwd from clients where userid = '$PHP_AUTH_USER')";
$result = mysql_db_query("registration", $query);
if ($result){
while ($r = mysql_fetch_array($result)) {
$userpasswd = $r["passwd"];
}
if(!($userpasswd == $PHP_AUTH_PW)){
echo "Incorrect password THREE";
exit;
}
elseif(empty($result)){
echo "Incorrect password ONE";
exit;
}
echo "Welcome: $PHP_AUTH_USER<BR>";
echo "You have entered: $PHP_AUTH_PW<BR>";
}
} //end of function authenticate
?>
<body bgcolor='lightyellow'>
...
|
Del.icio.us
Digg
Google
Spurl
Blink
Furl
Simpy
Y! MyWeb
Linear Mode
