PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
Moderator: General Moderators
ol4pr0
Forum Regular
Posts: 926 Joined: Thu Jan 08, 2004 11:22 am
Location: ecuador
Post
by ol4pr0 » Sun Jul 18, 2004 1:19 am
This code keeps asking me for the user and password. test, test cant be that hard to get wrong.
Code: Select all
$crsalt = "aB";
$usertable = "users";
function check_auth() {
global $sqlhost, $sqllogin, $sqlpass, $dbname, $crsalt, $users;
global $PHP_AUTH_USER, $PHP_AUTH_PW;
if (!isset($PHP_AUTH_USER)) {
header('WWW-Authenticate: Basic realm="Admin Area"');
header("HTTP/1.0 401 Unauthorized");
print "<b>Wrong password or you don't have access.</b>";
exit;
} else if (isset($PHP_AUTH_USER)) {
mysql_connect($sqlhost, $sqllogin, $sqlpass);
mysql_select_db($dbname);
$pass = crypt($PHP_AUTH_PW,$crsalt);
$res = mysql_query("SELECT * FROM users WHERE username='$PHP_AUTH_USER' AND encrpass='$pass'");
$pres = mysql_query("SELECT * FROM users WHERE username='$PHP_AUTH_USER'");
$row = mysql_fetch_array($pres);
$tmppass = $row["tmppass"];
if ($tmppass) {mysql_query("UPDATE users SET tmppass=encrpass, encrpass='$tmppass' WHERE username='$PHP_AUTH_USER'");}
$num = mysql_numrows($res);
if ($num != "0") {
return 1;
} else {
header('WWW-Authenticate: Basic realm="Admin Area"');
header("HTTP/1.0 401 Unauthorized");
print "<b>Wrong password or you don't have access.</b>";
exit();
}
}
}
?>
On other page
Code: Select all
<?php
require "foo.php";
check_auth();
?>
Logged in: <?php echo $PHP_AUTH_USER; ?><br><br>
feyd
Neighborhood Spidermoddy
Posts: 31559 Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA
Post
by feyd » Sun Jul 18, 2004 1:56 am
have you tried it with $_SERVER['PHP_AUTH_USER'] and $_SERVER['PHP_AUTH_PW'] ?
ol4pr0
Forum Regular
Posts: 926 Joined: Thu Jan 08, 2004 11:22 am
Location: ecuador
Post
by ol4pr0 » Sun Jul 18, 2004 2:17 am
I did that gives me an error in global $_SERVER['PHP_AUTH_USER'],$_SERVER['PHP_AUTH_PW']
unexpected [
ol4pr0
Forum Regular
Posts: 926 Joined: Thu Jan 08, 2004 11:22 am
Location: ecuador
Post
by ol4pr0 » Sun Jul 18, 2004 2:21 am
hmm.. thought i would need that
ol4pr0
Forum Regular
Posts: 926 Joined: Thu Jan 08, 2004 11:22 am
Location: ecuador
Post
by ol4pr0 » Sun Jul 18, 2004 2:22 am
Still doesnt work tho.
Code: Select all
function check_auth() {
global $sqlhost, $sqllogin, $sqlpass, $dbname, $crsalt, $users;
//global $_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'];
if (!isset($_SERVER['PHP_AUTH_USER'])) {
header('WWW-Authenticate: Basic realm="Admin Area"');
header("HTTP/1.0 401 Unauthorized");
print "<b>Wrong password or you don't have access.</b>";
exit;
} else if (isset($_SERVER['PHP_AUTH_USER'])) {
mysql_connect($sqlhost, $sqllogin, $sqlpass);
mysql_select_db($dbname);
$pass = crypt($_SERVER['PHP_AUTH_PW'],$crsalt);
$res = mysql_query("SELECT * FROM users WHERE username='".$_SERVER['PHP_AUTH_USER']."' AND encrpass='$pass'");
$pres = mysql_query("SELECT * FROM users WHERE username='".$_SERVER['PHP_AUTH_USER']."'");
$row = mysql_fetch_array($pres);
$tmppass = $row["tmppass"];
if ($tmppass) {mysql_query("UPDATE users SET tmppass=encrpass, encrpass='$tmppass' WHERE username='".$_SERVER['PHP_AUTH_USER']."'");}
$num = mysql_numrows($res);
if ($num != "0") {
return 1;
} else {
header('WWW-Authenticate: Basic realm="Admin Area"');
header("HTTP/1.0 401 Unauthorized");
print "<b>Wrong password or you don't have access.</b>";
exit();
}
}
}
?>
feyd
Neighborhood Spidermoddy
Posts: 31559 Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA
Post
by feyd » Sun Jul 18, 2004 2:26 am
I meant more like
Code: Select all
<?php
$crsalt = "aB";
$usertable = "users";
function check_auth() {
global $sqlhost, $sqllogin, $sqlpass, $dbname, $crsalt, $users;
$user = (isset($_SERVER['PHP_AUTH_USER']) ? $_SERVER['PHP_AUTH_USER'] : '');
$pwd = (isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : '');
if (empty($user) || empty($pwd)) {
header('WWW-Authenticate: Basic realm="Admin Area"');
header("HTTP/1.0 401 Unauthorized");
print "<b>Wrong password or you don't have access.</b>";
exit;
} else {
mysql_connect($sqlhost, $sqllogin, $sqlpass);
mysql_select_db($dbname);
$pass = crypt($pwd,$crsalt);
$res = mysql_query("SELECT * FROM users WHERE username='$user' AND encrpass='$pass'");
$pres = mysql_query("SELECT * FROM users WHERE username='$user'");
$row = mysql_fetch_array($pres);
$tmppass = $row["tmppass"];
if ($tmppass) {mysql_query("UPDATE users SET tmppass=encrpass, encrpass='$tmppass' WHERE username='$user'");}
$num = mysql_numrows($res);
if ($num != "0") {
return 1;
} else {
header('WWW-Authenticate: Basic realm="Admin Area"');
header("HTTP/1.0 401 Unauthorized");
print "<b>Wrong password or you don't have access.</b>";
exit();
}
}
}
?>
[edit: hmm.. not too sure then..]
ol4pr0
Forum Regular
Posts: 926 Joined: Thu Jan 08, 2004 11:22 am
Location: ecuador
Post
by ol4pr0 » Sun Jul 18, 2004 2:29 am
Sorry man, this is making me kinda.. lol..
However as you can guess it didnt work. What is going wrong ?
Got php5 now installed ? should that have anything to do withit >?
feyd
Neighborhood Spidermoddy
Posts: 31559 Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA
Post
by feyd » Sun Jul 18, 2004 2:32 am
you sure mysql is plugged in and working in php?
ol4pr0
Forum Regular
Posts: 926 Joined: Thu Jan 08, 2004 11:22 am
Location: ecuador
Post
by ol4pr0 » Sun Jul 18, 2004 2:36 am
Yep absolutely..
all is fully working as it should.
have some pages in other dir.. and they connect just fine
And to be sure i didnt mistype anything i used
login = t
pass = t (aBSfnUTuie/g2 in database)
and added
mysql from phpinfo
mysql
MySQL Support enabled
Active Persistent Links 0
Active Links 0
Client API version 3.23.57
Directive Local Value Master Value
mysql.allow_persistent On On
mysql.connect_timeout 60 60
mysql.default_host no value no value
mysql.default_password no value no value
mysql.default_port no value no value
mysql.default_socket no value no value
mysql.default_user no value no value
mysql.max_links Unlimited Unlimited
mysql.max_persistent Unlimited Unlimited
mysql.trace_mode Off Off
feyd
Neighborhood Spidermoddy
Posts: 31559 Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA
Post
by feyd » Sun Jul 18, 2004 2:49 am
have you tried adding some unique echos to see if the 401 is coming from the first or second?
ol4pr0
Forum Regular
Posts: 926 Joined: Thu Jan 08, 2004 11:22 am
Location: ecuador
Post
by ol4pr0 » Sun Jul 18, 2004 5:23 pm
Yea i did however i am not gettning back any echo.s
feyd
Neighborhood Spidermoddy
Posts: 31559 Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA
Post
by feyd » Sun Jul 18, 2004 5:28 pm
then you may have a parse error or something, is error_reporting set to E_ALL, and display_errors to 1/true?
ol4pr0
Forum Regular
Posts: 926 Joined: Thu Jan 08, 2004 11:22 am
Location: ecuador
Post
by ol4pr0 » Sun Jul 18, 2004 6:06 pm
They are set.
error_reporting = E_ALL & ~E_NOTICE & ~E_STRICT
display_errors = On