Learning PHP and MySQL

Chapter 13 Code

Monday, September 25, 2006

Example 13-5 Checking the values returned from the authentication prompt

<?php
$username  =  'jon_doe';
$password  =  'MyNameIsJonDoe';
if  (!isset($_SERVER['PHP_AUTH_USER'])  ||  !isset($_SERVER['PHP_AUTH_PW']))  {
header('WWW-Authenticate:  Basic  realm="Member  Area"');
header("HTTP/1.0  401  Unauthorized");
echo  "You  must  enter  in  a  username  and  password  combination!";
exit;
}
elseif  (strcmp($_SERVER['PHP_AUTH_USER'],  $username)  !==  0  ||
strcmp($_SERVER['PHP_AUTH_PW'],  $password)  !==  0)  { header('WWW-Authenticate:  Basic  realm="Member  Area"'); header("HTTP/1.0  401  Unauthorized");
echo  "Your  username  and  password  combination  was  incorrect!";
exit;
}
echo("You  have  successfully  logged  in!");
?>

Posted by krautgrrl on 09/25 at 11:27 AM
Chapter 13 Code • (1) Comments • (0) TrackbacksPermalink

Example 13-6 Creating the users table to store login information

CREATE  TABLE  `users`  (
`user_id`  INT  NOT  NULL  AUTO_INCREMENT,
`first_name`  VARCHAR(100),
`last_name`  VARCHAR(100),
`username`  VARCHAR(45),
`password`  CHAR(32), PRIMARY  KEY  (`user_id`));

This code returns:

Query  OK,  0  rows  affected  (0.23  sec)

Posted by krautgrrl on 09/25 at 11:28 AM
Chapter 13 Code • (0) Comments • (0) TrackbacksPermalink

Example 13-7 Creating the entry in the database for a user with an encrypted password

INSERT  INTO  users  (`first_name`,  `last_name`,  `username`,  `password`) VALUES
('Michele','Davis',  'mdavis',  MD5('secret'));

Yields:

Query  OK,  1  row  affected  (0.01  sec)

To check that your row was created and see what the MD5 encoding function returned, you query the users table:

SELECT  *  FROM  users;

Posted by krautgrrl on 09/25 at 11:29 AM
Chapter 13 Code • (0) Comments • (0) TrackbacksPermalink

Example 13-8 The database login details

<?php
$db_host='localhost';
$db_database='test';
$db_username='test';
$db_password='yourpass';
?>

Posted by krautgrrl on 09/25 at 11:31 AM
Chapter 13 Code • (2) Comments • (0) TrackbacksPermalink

Example 13-9 Verifying a username and password against the database

<?php require_once('db_login.php'); require_once('DB.php');
if  (!isset($_SERVER['PHP_AUTH_USER'])  ||
!isset($_SERVER['PHP_AUTH_PW']))  {
header('WWW-Authenticate:  Basic  realm="Member  Area"');
header("HTTP/1.0  401  Unauthorized");
echo  "You  must  enter  in  a  username  and  password  combination!";
exit;
}
$web_username  =  $_SERVER['PHP_AUTH_USER'];
$web_password  =  $_SERVER['PHP_AUTH_PW'];
$connection  =  DB::connect("mysql://$db_username:$db_password@$db_host/$db_database");
if  (DB::isError($connection)){
die  ("Could  not  connect  to  the  database:  <br  />".  DB::errorMessage($connection));
}
$query  =  "SELECT  `user_id`,  `username`  FROM  `users`  WHERE
`username`='".$web_username."'  AND  `password`=MD5('".$web_password."')  LIMIT  1";
$result  =  $connection->query($query);
if  (DB::isError($result)){
die("Could  not  query  the  database:  <br  />".$query."  ".DB::errorMessage($result));
}
if  (!$row  =  $result->fetchRow(DB_FETCHMODE_ASSOC))  { header('WWW-Authenticate:  Basic  realm="Member  Area"'); header("HTTP/1.0  401  Unauthorized");
echo  "Your  username  and  password  combination  was  incorrect!";
exit;
}
echo("You  have  successfully  logged  in  as  ".$row['username']."!");
?>

Posted by krautgrrl on 09/25 at 11:31 AM
Chapter 13 Code • (1) Comments • (0) TrackbacksPermalink
Page 2 of 2 pages  <  1 2

Statistics

This page has been viewed 407260 times
Page rendered in 0.4703 seconds
Total Entries: 224
Total Comments: 16
Total Trackbacks: 307338
Most Recent Entry: 09/27/2006 12:39 pm
Most Recent Comment on: 10/26/2007 10:00 am
Total Members: 2
Total Logged in members: 0
Total guests: 9
Total anonymous users: 0
Most Recent Visitor on: 05/19/2012 05:06 am
The most visitors ever was 1103 on 11/20/2007 12:50 pm

Referrers

Powered by ExpressionEngine