Jump to content


HTTP Authenication

  • Please log in to reply
2 replies to this topic

#1 aaronrb

  • Members
  • PipPipPip
  • Advanced Member
  • 32 posts

Posted 27 March 2006 - 08:20 PM

hey All, i have cheked out about 4tutorials on Http authentication including the one on php freaks, which was the first.

i am having some problems with it,

being that i put the username and password in and all it does is reopen the password box.

i did think that maybe my host doesnt allow this, if that is possible, but then i thought again that it would display the losing box.

here is my code.

[!--quoteo--][div class=\'quotetop\']QUOTE[/div][div class=\'quotemain\'][!--quotec--]

$auth = false; // Assume user is not authenticated

if (isset( $PHP_AUTH_USER ) && isset($PHP_AUTH_PW)) {

// Connect to MySQL

mysql_connect( 'db1.awardspace.co.uk', 'tkd1987_aaron', 'raymond' )
or die ( 'Unable to connect to server.' );

// Select database on MySQL server

mysql_select_db( 'tkd1987_aaron' )
or die ( 'Unable to select database.' );

// Formulate the query

$sql = "SELECT * FROM users WHERE
username = '$PHP_AUTH_USER' AND
password = '$PHP_AUTH_PW'";

// Execute the query and put results in $result

$result = mysql_query( $sql )
or die ( 'Unable to execute query.' );

// Get number of rows in $result.

$num = mysql_numrows( $result );

if ( $num != 0 ) {

// A matching row was found - the user is authenticated.

$auth = true;



if ( ! $auth ) {

header( 'WWW-Authenticate: Basic realm="Private"' );
header( 'HTTP/1.0 401 Unauthorized' );
echo 'Authorization Required.';

} else {

echo '<P>You are authorized!</P>';


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<meta http-equiv="content-type" content="text/html;charset=iso-8859-1">
<meta name="generator" content="Adobe GoLive">
<title>Untitled Page</title>

<body bgcolor="#ffffff">
<p>Login Successful:</p>


#2 toplay

  • Staff Alumni
  • Advanced Member
  • 973 posts

Posted 27 March 2006 - 08:41 PM

HTTP Basic authentication only will work if Apache is running as a module.

Those variables will only work if you have register_globals on. It's best to keep it off and use $_SERVER['PHP_AUTH_USER'] and $_SERVER['PHP_AUTH_PW'] instead. See:

[a href=\"http://us3.php.net/manual/en/features.http-auth.php\" target=\"_blank\"]http://us3.php.net/manual/en/features.http-auth.php[/a]

How did you set the passwords to begin with?

#3 aaronrb

  • Members
  • PipPipPip
  • Advanced Member
  • 32 posts

Posted 28 March 2006 - 08:31 AM

ok, cool, but i havent got a clue whether apache is running or not, as i am using a free web host, and i cant find any info on that.

as for username and password, they are in a mysql database.

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users