Useing Authentication for users problem
Posted: Tue Sep 28, 2010 4:54 pm
hi, im trying to set up a login set But im unsure if im doing this correctly, any advice would be great
It seems to only half work?? I want to use md5 to send the info but i have no idear how to do it or even sure if thats the way to go,,, as i said any advice would be great also I would like to mention I can't seem to clear the $_SERVER['PHP_AUTH_USER'] and $_SERVER['PHP_AUTH_PW']variables or it seems to be stuck to the last login detail so i can't try to type the password in again
Code: Select all
<?php
include_once($_SERVER['DOCUMENT_ROOT'].'/includes/global.php');
$d = new User();
$d->connect(HOST, USERNAME, PASSWORD, DATABASE);
//if the use hits cancle do this stuff
if (!isset($_SERVER['PHP_AUTH_USER']))
{
header('WWW-Authenticate: Basic realm="Sales Coastal Coasters"');
header('HTTP/1.0 401 Unauthorized');
echo 'Text to send if user hits Cancel button';
exit;
}
// checks the user_name and pass_word with query, if found directs them to info.php
// would like to send this stuff with md5 but have no idear how
else {
$d->query("SELECT * FROM sales_people WHERE user_name ='{$_SERVER['PHP_AUTH_USER']}' && pass_word = '{$_SERVER['PHP_AUTH_PW']}';");
if ($d->next())
{
$host = $_SERVER['HTTP_HOST'];
$uri = rtrim(dirname($_SERVER['PHP_SELF']), '/\\');
$extra = 'info.php';
header("Location: http://$host$uri/$extra");
}
else
{
//If fail sends to other page
header("HTTP/1.0 401 Unauthorized");
$host = $_SERVER['HTTP_HOST'];
$uri = rtrim(dirname($_SERVER['PHP_SELF']), '/\\');
$extra = 'login.php';
header("Location: http://$host$uri/$extra");
print "Sorry - you need valid credentials to be granted access!\n";
exit;
}
}
?>