Learning PHP and MySQL
Monday, September 25, 2006
Example 13-15 Destroying a session
<?php
session_start();
// Do some miscellaneous work
$_SESSION['username'] = 'Michele';
// Logout of the site
session_destroy();
echo "At this point we can still see the value of username as ".$_SESSION['username']."<br />";
$_SESSION = array();
echo "Now the value of username is blank: ".$_SESSION['username'];
?>
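A fuller logout, as an added example that is not from the book: Example 13-15 clears the data on the server, but the browser still holds the session cookie. This version also expires that cookie. The function name logout_session() is made up for this illustration.

```php
<?php
// Added example (not from the book): end a session completely.
// logout_session() is a name chosen for this illustration.
function logout_session()
{
    // A session must be active before it can be destroyed.
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }

    // 1. Drop the data held in memory for this request.
    $_SESSION = array();

    // 2. Expire the session cookie in the browser, reusing the
    //    parameters it was originally set with so the browser matches it.
    if (ini_get('session.use_cookies')) {
        $p = session_get_cookie_params();
        setcookie(session_name(), '', time() - 42000,
            $p['path'], $p['domain'], $p['secure'], $p['httponly']);
    }

    // 3. Remove the session data stored on the server.
    session_destroy();
}

session_start();
$_SESSION['username'] = 'Michele';   // constructed sample value
logout_session();
echo isset($_SESSION['username']) ? 'username is still set' : 'username is gone';
?>
```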
Example 13-16 Session timeout
<IfModule mod_php4.c>
php_value session.gc_maxlifetime "14400"
</IfModule>
The value that comes after session.gc_maxlifetime is in hundredths of a second, so if you want a session timeout of 30 minutes, you would use a value of 18000.
Example 13-17 pear install Auth output
downloading Auth-1.2.3.tgz ...
Starting to download Auth-1.2.3.tgz (24,040 bytes)
........done: 24,040 bytes
Optional dependencies:
package `File_Passwd' version >= 0.9.5 is recommended to utilize some features.
package `Net_POP3' version >= 1.3 is recommended to utilize some features.
package `MDB' is recommended to utilize some features.
package `Auth_RADIUS' is recommended to utilize some features.
package `File_SMBPasswd' is recommended to utilize some features.
install ok: Auth 1.2.3
Example 13-18 pear install Auth_HTTP output
downloading Auth_HTTP-2.1.6.tgz ...
Starting to download Auth_HTTP-2.1.6.tgz (9,327 bytes)
.....done: 9,327 bytes
install ok: Auth_HTTP 2.1.6
Example 13-19 Using Auth_HTTP to authenticate a user
<?php
// Using Auth_HTTP to limit access
require_once('db_login.php');
require_once("Auth/HTTP.php");
// We use the same connection string as the pear DB functions
$AuthOpts = array(
'dsn' => "mysql://$db_username:$db_password@$db_host/$db_database",
'table' => "users", // your table name
'usernamecol' => "username", // the table username column
'passwordcol' => "password", // the table password column
'cryptType' => "md5", // password encryption type
);
$authenticate = new Auth_HTTP("DB", $AuthOpts);
// Set the realm name
$authenticate->setRealm('Member Area');
// Authentication failed error message
$authenticate->setCancelText('<h2>Access Denied</h2>');
// Request authentication
$authenticate->start();
// compare username and password to stored values
if ($authenticate->getAuth()){
echo "Welcome back to our site ".$authenticate->username.".";
}
?>
Example 13-2 Viewing the username cookie
<?php
if (!isset($_COOKIE['username']))
{
echo ("Oops, the cookie isn't set!");
}
else
{
// The cookie comes from the browser, so escape it before output
echo ("The stored username is ". htmlspecialchars($_COOKIE['username']) . ".");
}
?>
This code displays the stored username:
The stored username is michele.
Example 13-20 Retrieving additional information for the user
<?php
// Example of Auth_HTTP that also returns additional information
require_once('db_login.php');
require_once("Auth/HTTP.php");
// We use the same connection string as the pear DB functions
$AuthOptions = array(
'dsn'=>"mysql://$db_username:$db_password@$db_host/$db_database",
'table'=>"users", // your table name
'usernamecol'=>"username", // the table username column
'passwordcol'=>"password", // the table password column
'cryptType'=>"md5", // password encryption type in your db
'db_fields'=>"*", // enabling fetch for other db columns
);
$authenticate = new Auth_HTTP("DB", $AuthOptions);
// Set the realm name
$authenticate->setRealm('Member Area');
// Authentication failed error message
$authenticate->setCancelText('<h2>Access Denied</h2>');
// Request authentication
$authenticate->start();
// compare username and password to stored values
if($authenticate->getAuth()){
echo "Welcome back to our site ".$authenticate->username.".<br />";
echo "Your full name is ";
echo $authenticate->getAuthData('first_name');
echo " ";
echo $authenticate->getAuthData('last_name').".";
}
?>
Example 13-3 Destroying a cookie by expiring it in the recent past
<?php
// remember that setcookie must come before any other line that generates output
setcookie("username","", time()-10 );
echo 'Rosebud.';
?>
Example 13-3 returns:
Rosebud.
Example 13-4 Using HTTP authentication with a PHP script
<?php
if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW'])) {
header('WWW-Authenticate: Basic realm="Member Area"');
header("HTTP/1.0 401 Unauthorized");
echo "Please login with a valid username and password.";
exit;
} else {
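// Both values come from the request, so escape them before output
echo "You entered a username of: ".htmlspecialchars($_SERVER['PHP_AUTH_USER'])." ";
echo "and a password of: ".htmlspecialchars($_SERVER['PHP_AUTH_PW']).".";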
}
?>
Example 13-5 Checking the values returned from the authentication prompt
<?php
$username = 'jon_doe';
$password = 'MyNameIsJonDoe';
if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW'])) {
header('WWW-Authenticate: Basic realm="Member Area"');
header("HTTP/1.0 401 Unauthorized");
echo "You must enter in a username and password combination!";
exit;
}
elseif (strcmp($_SERVER['PHP_AUTH_USER'], $username) !== 0 ||
strcmp($_SERVER['PHP_AUTH_PW'], $password) !== 0) {
header('WWW-Authenticate: Basic realm="Member Area"');
header("HTTP/1.0 401 Unauthorized");
echo "Your username and password combination was incorrect!";
exit;
}
echo("You have successfully logged in!");
?>
Example 13-6 Creating the users table to store login information
CREATE TABLE `users` (
`user_id` INT NOT NULL AUTO_INCREMENT,
`first_name` VARCHAR(100),
`last_name` VARCHAR(100),
`username` VARCHAR(45),
`password` CHAR(32),
PRIMARY KEY (`user_id`));
This code returns:
Query OK, 0 rows affected (0.23 sec)
Example 13-7 Creating the entry in the database for a user with an encrypted password
INSERT INTO users (`first_name`, `last_name`, `username`, `password`) VALUES
('Michele','Davis', 'mdavis', MD5('secret'));
Yields:
Query OK, 1 row affected (0.01 sec)
To check that your row was created and see what the MD5 encoding function returned, you query the users table:
SELECT * FROM users;
Example 13-8 The database login details
<?php
$db_host='localhost';
$db_database='test';
$db_username='test';
$db_password='yourpass';
?>
Example 13-9 Verifying a username and password against the database
<?php
require_once('db_login.php');
require_once('DB.php');
if (!isset($_SERVER['PHP_AUTH_USER']) ||
!isset($_SERVER['PHP_AUTH_PW'])) {
header('WWW-Authenticate: Basic realm="Member Area"');
header("HTTP/1.0 401 Unauthorized");
echo "You must enter in a username and password combination!";
exit;
}
$web_username = $_SERVER['PHP_AUTH_USER'];
$web_password = $_SERVER['PHP_AUTH_PW'];
$connection = DB::connect("mysql://$db_username:$db_password@$db_host/$db_database");
if (DB::isError($connection)){
die ("Could not connect to the database: <br />". DB::errorMessage($connection));
}
// The ? placeholders keep the submitted values out of the SQL text
$query = "SELECT `user_id`, `username` FROM `users` WHERE
`username`=? AND `password`=MD5(?) LIMIT 1";
$result = $connection->query($query, array($web_username, $web_password));
if (DB::isError($result)){
die("Could not query the database: <br />".$query." ".DB::errorMessage($result));
}
if (!$row = $result->fetchRow(DB_FETCHMODE_ASSOC)) {
header('WWW-Authenticate: Basic realm="Member Area"');
header("HTTP/1.0 401 Unauthorized");
echo "Your username and password combination was incorrect!";
exit;
}
echo("You have successfully logged in as ".$row['username']."!");
?>
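Examples 13-7 and 13-9 store and compare unsalted MD5 digests, which are fast to guess offline if the users table leaks. The following added example (not from the book) stores passwords with password_hash(), checks them with password_verify(), and binds the username through a PDO prepared statement. An in-memory SQLite database stands in for the MySQL users table, and add_user() and check_login() are names made up here.

```php
<?php
// Added example (not from the book). SQLite in memory stands in for the
// MySQL `users` table so the script runs without a database server.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

// The password column is wider than CHAR(32): password_hash() output is
// longer than an MD5 hex digest and may grow with future algorithms.
$pdo->exec('CREATE TABLE users (
    user_id  INTEGER PRIMARY KEY,
    username VARCHAR(45) UNIQUE,
    password VARCHAR(255))');

// Hypothetical helper: store a salted, slow hash instead of MD5().
function add_user(PDO $pdo, $username, $password)
{
    $stmt = $pdo->prepare('INSERT INTO users (username, password) VALUES (?, ?)');
    $stmt->execute(array($username, password_hash($password, PASSWORD_DEFAULT)));
}

// Hypothetical helper: returns the user's row on success, false otherwise.
function check_login(PDO $pdo, $username, $password)
{
    // The username is bound as data; it never becomes part of the SQL text.
    $stmt = $pdo->prepare(
        'SELECT user_id, username, password FROM users WHERE username = ?');
    $stmt->execute(array($username));
    $row = $stmt->fetch(PDO::FETCH_ASSOC);

    // password_verify() reads the algorithm and salt from the stored hash,
    // so the comparison happens in PHP rather than in the WHERE clause.
    if ($row === false || !password_verify($password, $row['password'])) {
        return false;
    }
    unset($row['password']);   // do not hand the hash back to the caller
    return $row;
}

add_user($pdo, 'mdavis', 'secret');   // constructed sample account

var_dump(check_login($pdo, 'mdavis', 'secret'));   // correct password
var_dump(check_login($pdo, 'mdavis', 'wrong'));    // wrong password
var_dump(check_login($pdo, "o'brien", 'secret'));  // quote in the name is plain data
?>
```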
Example 14-1 Using Apache authentication to restrict access to scripts
AuthType Basic
AuthName "Administrators Only"
AuthUserFile /usr/local/apache/passwd/passwords
Require valid-user
