jandrews3 Posted February 23, 2008 Share Posted February 23, 2008 I cannot seem to get the following code to work. I call it from another file using a require_once. It does call it, but all that happens is the input popup window says "The name or password sent entered was incorrect. Please try again." No matter what I type, this happens. Thanks for the help. <?php # Script 8.1 - authentication.php $authorized = FALSE; // Initialize a variable. // Check for authentication submission. if ( (isset($_SERVER['PHP_AUTH_USER']) AND isset($_SERVER['PHP_AUTH_PW'])) ) { // Set the database access information as constants. define ('DB_USER', '••••••'); define ('DB_PASSWORD', '••••••'); define ('DB_HOST', '••••••'); define ('DB_NAME', '••••••'); // Make the connnection and then select the database. $dbc = @mysql_connect (DB_HOST, DB_USER, DB_PASSWORD) OR die ('Could not connect to MySQL: ' . mysql_error() ); mysql_select_db (DB_NAME) OR die ('Could not select the database: ' . mysql_error() ); // Query the database. $query = "SELECT lname FROM ithf_auth WHERE username='{$_SERVER['PHP_AUTH_USER']}' and password=PASSWORD('{$_SERVER['PHP_AUTH_PW']}')"; $result = mysql_query ($query); $row = @mysql_fetch_array ($result); if ($row) { // If a record was returned... $authorized = TRUE; } } // If they haven't been authorized, create the pop-up window. if (!$authorized) { header('WWW-Authenticate: Basic realm="My Web Site"'); header('HTTP/1.0 401 Unauthorized'); // For cancellations. } ?> Link to comment https://forums.phpfreaks.com/topic/92643-php-authentication/ Share on other sites More sharing options...
Jessica Posted February 23, 2008 Share Posted February 23, 2008 Why are you using the $_SERVER array for this? Try defining the u and p as constants or variables. Also take the @ off the mysql_fetch_array, you are supressing errors. Add ini_set('display_errors', 1); error_reporting(E_ALL); at the top. Link to comment https://forums.phpfreaks.com/topic/92643-php-authentication/#findComment-474796 Share on other sites More sharing options...
jandrews3 Posted February 23, 2008 Author Share Posted February 23, 2008 I'm sorry. I don't have much experience defining variables as constants. I'm not sure how to code it. Should it be something like this? <?php # Script 8.1 - authentication.php ini_set('display_errors', 1); error_reporting(E_ALL); $authorized = FALSE; // Initialize a variable. // Check for authentication submission. if ( (isset($_SERVER['PHP_AUTH_USER']) AND isset($_SERVER['PHP_AUTH_PW'])) ) { // Set the database access information as constants. define ('DB_USER', '••••••'); define ('DB_PASSWORD', '••••••'); define ('DB_HOST', '••••••'); define ('DB_NAME', '••••••'); define ('USER_NAME', {$_SERVER['PHP_AUTH_USER']}); define ('PASSWORD', {$_SERVER['PHP_AUTH_PW']}); // Make the connnection and then select the database. $dbc = @mysql_connect (DB_HOST, DB_USER, DB_PASSWORD) OR die ('Could not connect to MySQL: ' . mysql_error() ); mysql_select_db (DB_NAME) OR die ('Could not select the database: ' . mysql_error() ); // Query the database. $query = "SELECT lname FROM ithf_auth WHERE username='USERNAME' and password='PASSWORD)"; $result = mysql_query ($query); $row = mysql_fetch_array ($result); if ($row) { // If a record was returned... $authorized = TRUE; } } // If they haven't been authorized, create the pop-up window. if (!$authorized) { header('WWW-Authenticate: Basic realm="My Web Site"'); header('HTTP/1.0 401 Unauthorized'); // For cancellations. } ?> Link to comment https://forums.phpfreaks.com/topic/92643-php-authentication/#findComment-474804 Share on other sites More sharing options...
darkfreaks Posted February 23, 2008 Share Posted February 23, 2008 <?php # Script 8.1 - authentication.php ini_set('display_errors', 1); error_reporting(E_ALL); $authorized = FALSE; // Initialize a variable. $username=$_POST['PHP_AUTH_USER']; $password=md5($_POST['PHP_AUTH_PW']); // Check for authentication submission. if ( (isset($username) AND isset($password)) ) { // Set the database access information as constants. define ('DB_USER', '••••••'); define ('DB_PASSWORD', '••••••'); define ('DB_HOST', '••••••'); define ('DB_NAME', '••••••'); define ('USER_NAME', {$username}); define ('PASSWORD', {$password}); // Make the connnection and then select the database. $dbc = mysql_connect (DB_HOST, DB_USER, DB_PASSWORD) OR die ('Could not connect to MySQL: ' . mysql_error() ); mysql_select_db (DB_NAME) OR die ('Could not select the database: ' . mysql_error() ); // Query the database. $query = "SELECT lname FROM ithf_auth WHERE username='USERNAME' and password='PASSWORD)"; $result = mysql_query ($query); $row = mysql_fetch_array ($result); if ($row) { // If a record was returned... $authorized = TRUE; } } // If they haven't been authorized, create the pop-up window. if (!$authorized) { header('WWW-Authenticate: Basic realm="My Web Site"'); header('HTTP/1.0 401 Unauthorized'); // For cancellations. } ?> Link to comment https://forums.phpfreaks.com/topic/92643-php-authentication/#findComment-474810 Share on other sites More sharing options...
jandrews3 Posted February 24, 2008 Author Share Posted February 24, 2008 I'm afraid this gave me an "unexpected '{' error" for the line containing: define ('USER_NAME', {$username}); Link to comment https://forums.phpfreaks.com/topic/92643-php-authentication/#findComment-474822 Share on other sites More sharing options...
darkfreaks Posted February 24, 2008 Share Posted February 24, 2008 that is because you no longer need the brackets it should be <?php define ('USER_NAME', $username); define ('PASSWORD', $password);?> Link to comment https://forums.phpfreaks.com/topic/92643-php-authentication/#findComment-474835 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.