rafdre

Hello, I am trying to find a solution for simple logon script in PHP (but not copy existing one, but try to write and understand it by myself, anyway: free scripts I have found do not solve my problem). I am using PHP 5.0.4 installed on Fedora 4. I want to use .htaccess file in order to protect the folder. Let me explain my problem in details: 1) I have created folder ABC where I put .htaccess file like this: AuthType Basic AuthName "test for authorization" AuthUserFile /var/www/html/passwd/password Require user raf 2) I have added user “ raf “to the file password stored in /var/www/html/passwd/ 3) I have created file test.html in protected folder 4) When I tried to open a file in Browser I was asked for user and password, which works fine. ...and here begins my problem. I don't like window generated by Apache. I want that users will see nice page with logon form, on which user name and password can be entered. In order to do this I have created file welcome.html with form like this: <form method="POST" action="login.php"> <input type="text" size=10 maxlength=10 name="formUser"> <input type="password" size=10 maxlength=10 name="formPassword"> <input type="submit" value="Log in"> </form> My login.php file looks like this: <?php $user = $_POST['formUser']; $pass = $_POST['formPassword']; if (!isset($user) || !isset($pass)) return false; ?> <html> <body> <?php $_SERVER['PHP_AUTH_USER'] = $user; $_SERVER['PHP_AUTH_PW']= $pass; $test1 = $_SERVER['PHP_AUTH_USER']; $test2 = $_SERVER['PHP_AUTH_PW']; print ("Your user: $test1 <br> Your Password : $test2"); ?> </body> </html> Files welcome.html and login.php are one level higher than folder ABC. After I have opened welcome.html I have entered valid user name (raf) and password as defined in .htaccess and password file. As result I saw the message: Your user: raf Your Password : raf Which means login.php works fine. If I try to open test.html stored in the folder ABC I am asked for user and password. Why? I though Apache has registered this after login.php was executed (with $_SERVER['PHP_AUTH_USER']). What I am doing wrong? How should I do it correctly? How can I avoid standard prompt window and pass user and password to Apache in that way (via login.php), that I will be not asked again to enter this and display standard logon window? Next question: how can I log off and enter folder with different user. Regards Rafal

I have found solution. Problem was here: AuthMySQLUser “root” AuthMySQLPassword “” I have created user rafal with password rafal and changed these lines to: AuthMySQLUser rafal AuthMySQLPassword rafal and it works fine regards Rafal

Hello, I have the same problem...so I you have solution, please keep me posted. regards Rafal

Thanks, ..and how about the problem with user and password? Any idea what could be a problem here. I have double checked in mySQL DB (testDB) and I have there user "rafal" with password "rafal", so there aren't any special characters. Encryption is not in use. User and password was created using phpMyAdmin (insert new entry in the table user_info). Everything seems to be correct and file .htaccess also is not wrong (there is no error message, but message: Authorization Required). Does anybody knows how this should work (AuthMySQL)? How the system remember users, who loged on? With cookie? Regarding AuthMySQL. Do I have to put these information in .htaccess?: AuthMySQLUser “root” AuthMySQLPassword “” This is user and password for mySQL. Maybe here is someting wrong? In the internet I have found an example without these lines in .htaccess Thank you in advance for help regards Rafal

Hello, I want to write some PHP scripts for my page, where I want to have some areas only for registered members, but I have some problems. I have configured my .htaccess file like this: AuthName "MySQL Testing" AuthType Basic AuthMySQLHost localhost AuthMySQLUser “root” AuthMySQLPassword “” AuthMySQLDB testDB AuthMySQLUserTable user_info AuthMySQLNameField user_name AuthMySQLPasswordField user_passwd AuthMySQLPwEncryption none AuthMySQLEnable On require valid-user This file is in my protected folder. If I try to read HTML file stored there, I see logon window named "MySQL Testing". Everything seems to be ok, but it isn’t. I have put correct user name and password and system does not allow me to read the file. I see following message: Authorization Required This server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required. Why is that? What could be wrong here? For sure not .htaccess. Why browser could not recognize information I have entered? Next question: Could somebody send me mall example, how to have another Login Box using PHP script? I want to have something like login.php . if user tries to read a document from protected directory, he should see login page written in php. regards Rafal