Just a quicky, I am trying to do a bit of user authentication,
I have database called software. Inside software i have a table called users.
I have managed to cobble together some php code that prompts me for username and password. It's supposed to check the username and password i answer is in the table users and then let me in. However ti doesn't seem to do this. I have two pages
Code: Select all
<?php
// File Name: auth04.php
// Check to see if $PHP_AUTH_USER already contains info
if (!isset($PHP_AUTH_USER)) {
// If empty, send header causing dialog box to appear
header('WWW-Authenticate: Basic realm="My Private Stuff"');
header('HTTP/1.0 401 Unauthorized');
exit;
} else if (isset($PHP_AUTH_USER)) {
// If non-empty, check the database for matches
// connect to MySQL
mysql_connect('localhost', 'phpuser', 'phpuser03')or die ("Database connection error");
mysql_select_db('software')
or die ("Unable to select database.");
// Formulate the query
$sql = "SELECT *
FROM users
WHERE username='$PHP_AUTH_USER' and password='$PHP_AUTH_PW'";
// Execute the query and put results in $result
$result = mysql_query($sql);
// Get number of rows in $result. 0 if invalid, 1 if valid.
$num = mysql_numrows($result);
if ($num != "0") {
echo "<P>You're authorized!</p>";
exit;
} else {
header('WWW-Authenticate: Basic realm="My Private Stuff"');
header('HTTP/1.0 401 Unauthorized');
echo 'Authorization Required.';
exit;
}
}
?>This is the second page
Code: Select all
<?php
mysql_connect('localhost', 'phpuser', 'phpuser03')or die ("Database connection error");
mysql_select_db('software')
or die ("Unable to select database.");
$sql = "SELECT *
FROM users
WHERE username='$PHP_AUTH_USER' and password='$PHP_AUTH_PW'";
// Execute the query and put results in $result
$result = mysql_query($sql);
// Get number of rows in $result. 0 if invalid, 1 if valid.
$num = mysql_numrows($result);
?>Any help would be great