auth_user
Posted: Sun Jul 18, 2004 1:19 am
This code keeps asking me for the user and password. test, test cant be that hard to get wrong.
On other page
Code: Select all
$crsalt = "aB";
$usertable = "users";
function check_auth() {
global $sqlhost, $sqllogin, $sqlpass, $dbname, $crsalt, $users;
global $PHP_AUTH_USER, $PHP_AUTH_PW;
if (!isset($PHP_AUTH_USER)) {
header('WWW-Authenticate: Basic realm="Admin Area"');
header("HTTP/1.0 401 Unauthorized");
print "<b>Wrong password or you don't have access.</b>";
exit;
} else if (isset($PHP_AUTH_USER)) {
mysql_connect($sqlhost, $sqllogin, $sqlpass);
mysql_select_db($dbname);
$pass = crypt($PHP_AUTH_PW,$crsalt);
$res = mysql_query("SELECT * FROM users WHERE username='$PHP_AUTH_USER' AND encrpass='$pass'");
$pres = mysql_query("SELECT * FROM users WHERE username='$PHP_AUTH_USER'");
$row = mysql_fetch_array($pres);
$tmppass = $row["tmppass"];
if ($tmppass) {mysql_query("UPDATE users SET tmppass=encrpass, encrpass='$tmppass' WHERE username='$PHP_AUTH_USER'");}
$num = mysql_numrows($res);
if ($num != "0") {
return 1;
} else {
header('WWW-Authenticate: Basic realm="Admin Area"');
header("HTTP/1.0 401 Unauthorized");
print "<b>Wrong password or you don't have access.</b>";
exit();
}
}
}
?>Code: Select all
<?php
require "foo.php";
check_auth();
?>
Logged in: <?php echo $PHP_AUTH_USER; ?><br><br>