Jump to content


Photo

authentication problem


  • Please log in to reply
No replies to this topic

#1 dthomp325

dthomp325
  • New Members
  • Pip
  • Newbie
  • 1 posts

Posted 06 June 2006 - 11:24 PM

I am using the PHP authentication system with usernames and passwords stored in a database. My code works just fine with Firefox, but with IE, I do not get authenticated. What am I doing wrong? Here is my login code:


<?php
session_start();
session_register('login');
session_register('username');
session_register('password');

#get login user and pass
if(!$HTTP_SESSION_VARS['login']){
$HTTP_SESSION_VARS['login'] = 1;
header('WWW-Authenticate: Basic realm="****"');
header('http/1.0 401 Unauthorized');
echo 'Login was not successful.
E-mail web master if problems persist.';
exit;
}

#check login with database
$auth = 0;
$user = $_SERVER['PHP_AUTH_USER'];
$pass = $_SERVER['PHP_AUTH_PW'];
if( isset($user) && isset($pass)){

#check user name and password in DB
require_once('DB.php');
$db=DB::connect("pgsql://wwwrun:wwwrun@localhost/***");
if(DB::isError($db)){ die("Login Error\n"); }

$sql = "SELECT count(*)
FROM users
WHERE username = '$user'
AND password = md5('$pass')
";
$r=$db->query($sql);
if(DB::isError($r)) die("Login Error\n");
$row = $r->fetchRow();
if($row[0] == 1){
$auth = 1;
$HTTP_SESSION_VARS['login'] = 1;
$HTTP_SESSION_VARS['username'] = $user;
$HTTP_SESSION_VARS['password'] = $pass;
}
}

#determine if login worked or not
if( !$auth ){
header('WWW-Authenticate: Basic realm="****"');
header('http/1.0 401 Unauthorized');
echo 'Login was not successful.
E-mail web master if problems persist.';
exit;
}
else{
header('Location: http://*****');
}
?>


When accessing this page, the authentication box pops up in IE, but after entering my login information, it spits out the 401/error message contained in the if(!$HTTP_SESSION_VARS['login']) statement.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users