Learning PHP and MySQL
Monday, September 25, 2006
Example 13-11 Registering a variable with session_register
<?php
//DON'T USE THIS APPROACH
session_start();
session_register("hello");
$hello = "Hello World";
?>
Modern PHP interpreters return a warning with this code:
Warning: Unknown(): Your script possibly relies on a session side-effect which existed until PHP 4.2.3. Please be advised that the session extension does not consider global variables as a source of data, unless register_globals is enabled. You can disable this functionality and this warning by setting session.bug_compat_42 or session.bug_compat_warn to off, respectively. in Unknown on line 0
Example 13-12 Registering a variable by including it in $_SESSION
<?php session_start();
$_SESSION['hello'] = 'Hello World';
echo $_SESSION['hello'];
?>
Example 13-13 Referencing a variable set on a prior page in the session
<?php session_start();
echo $_SESSION['hello'];
?>
Example 13-14 Checking to see whether a user is valid
<?php
session_start();
require_once('db_login.php');
require_once('DB.php');
if (empty($_SESSION['user_id'])) {
if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW'])) {
header('WWW-Authenticate: Basic realm="Member Area"');
header("HTTP/1.0 401 Unauthorized");
echo "You must enter in a username and password combination!";
exit;
}
$connection = DB::connect("mysql://$db_username:$db_password@$db_host/$db_database");
if (DB::isError($connection)){
die ("Could not connect to the database: <br />". DB::errorMessage($connection));
}
$username = mysql_real_escape_string($_SERVER['PHP_AUTH_USER']);
$password = mysql_real_escape_string($_SERVER['PHP_AUTH_PW']);
$query = "SELECT `user_id`, `username` FROM `users` WHERE
`username`='".$username."' AND `password`=MD5('".$password."') LIMIT 1";
$result = $connection->query($query);
if(!($row = $result->fetchRow(DB_FETCHMODE_ASSOC))) {
header('WWW-Authenticate: Basic realm="Member Area"');
header("HTTP/1.0 401 Unauthorized");
echo "Your username and password combination was incorrect!";
exit;
}
$_SESSION['user_id'] = $row['user_id'];
$_SESSION['username'] = $row['username'];
}
echo "You have successfully logged in as ".$_SESSION["username"].".";
?>
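An added example, not from the book: the credential check from Example 13-14 rewritten with a prepared statement and PHP's password_hash()/password_verify() in place of string escaping and MD5(). It assumes PHP 7.4+ with the pdo_sqlite extension; the in-memory table, its VARCHAR(255) password column, the sample users and the verify_login() helper are constructed for illustration.

```php
<?php
// Added example: constructed in-memory SQLite table standing in for `users`.
// Assumes PHP 7.4+ with the pdo_sqlite extension; verify_login() is hypothetical.
declare(strict_types=1);

function verify_login(PDO $pdo, string $username, string $password): ?array
{
    // Placeholders keep the input out of the SQL text, so no escaping is needed.
    $stmt = $pdo->prepare(
        'SELECT user_id, username, password FROM users WHERE username = ? LIMIT 1'
    );
    $stmt->execute([$username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);

    // Verify against a dummy hash when the user is unknown, so both paths
    // cost about the same and do not reveal which usernames exist.
    static $dummy = null;
    $dummy = $dummy ?? password_hash('placeholder', PASSWORD_DEFAULT);
    $hash = $row ? $row['password'] : $dummy;

    if (!password_verify($password, $hash) || !$row) {
        return null;
    }
    unset($row['password']); // never hand the hash back to the caller
    return $row;
}

$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
// password_hash() output is longer than 32 characters, so CHAR(32) is too small.
$pdo->exec('CREATE TABLE users (user_id INTEGER PRIMARY KEY,
    username VARCHAR(45), password VARCHAR(255))');
$ins = $pdo->prepare('INSERT INTO users (username, password) VALUES (?, ?)');
$ins->execute(['jon_doe', password_hash('MyNameIsJonDoe', PASSWORD_DEFAULT)]);
$ins->execute(["o'brien", password_hash('AnotherSample1', PASSWORD_DEFAULT)]);

var_dump(verify_login($pdo, 'jon_doe', 'MyNameIsJonDoe') !== null); // valid pair
var_dump(verify_login($pdo, 'jon_doe', 'wrong') === null);          // bad password
var_dump(verify_login($pdo, "o'brien", 'AnotherSample1') !== null); // quote is plain data
var_dump(verify_login($pdo, 'nobody', 'wrong') === null);           // unknown user
```

In the page flow of Example 13-14, calling session_regenerate_id(true) just before writing $_SESSION['user_id'] gives the authenticated session a fresh identifier.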
Example 13-15 Destroying a session
<?php session_start();
// Do some miscellaneous work
$_SESSION['username'] = 'Michele';
// Logout of the site
session_destroy();
echo "At this point we can still see the value of username as ".$_SESSION['username']."<br />";
$_SESSION = array();
echo "Now the value of username is blank: ".$_SESSION['username'];
?>
Example 13-16 Session timeout
<IfModule mod_php4.c>
php_value session.gc_maxlifetime "14400"
</IfModule>
The value that comes after session.gc_maxlifetime is in hundredths of a second, so, if you want a session timeout of 30 minutes, you would use a value of 18000.
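An added example, not from the book: session.gc_maxlifetime only marks session data as eligible for garbage collection, and the PHP manual gives its value in seconds, so an idle timeout is usually also enforced in application code. The code below does that and, unlike Example 13-15, also expires the session cookie on logout; IDLE_LIMIT, the helper names and /login.php are assumptions.

```php
<?php
// Added example: application-level idle timeout plus complete logout.
// IDLE_LIMIT, session_is_fresh() and end_session() are illustrative names.
declare(strict_types=1);

const IDLE_LIMIT = 1800; // 30 minutes, in seconds as returned by time()

// Decide from the stored timestamp whether the session is still usable,
// and refresh the timestamp when it is. $now is a parameter so it can be tested.
function session_is_fresh(array &$session, int $now, int $limit = IDLE_LIMIT): bool
{
    if (isset($session['last_seen']) && $now - $session['last_seen'] > $limit) {
        return false;
    }
    $session['last_seen'] = $now;
    return true;
}

// Remove the data, the browser cookie and the server-side record.
function end_session(): void
{
    $_SESSION = [];
    if (ini_get('session.use_cookies')) {
        $p = session_get_cookie_params();
        setcookie(session_name(), '', time() - 42000,
            $p['path'], $p['domain'], $p['secure'], $p['httponly']);
    }
    session_destroy();
}

if (PHP_SAPI !== 'cli') {
    // Web request: check the idle time before any page logic runs.
    session_start();
    if (!session_is_fresh($_SESSION, time())) {
        end_session();
        header('Location: /login.php'); // hypothetical login page
        exit;
    }
}

// Constructed check, runnable from the command line:
$s = ['last_seen' => 1000];
var_dump(session_is_fresh($s, 1000 + 1799));        // inside the limit
var_dump(session_is_fresh($s, 1000 + 1799 + 1801)); // idle for too long
```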
Example 13-17 pear install Auth output
downloading Auth-1.2.3.tgz ...
Starting to download Auth-1.2.3.tgz (24,040 bytes)
........done: 24,040 bytes
Optional dependencies:
package `File_Passwd' version >= 0.9.5 is recommended to utilize some features.
package `Net_POP3' version >= 1.3 is recommended to utilize some features.
package `MDB' is recommended to utilize some features.
package `Auth_RADIUS' is recommended to utilize some features.
package `File_SMBPasswd' is recommended to utilize some features.
install ok: Auth 1.2.3
Example 13-18 pear install Auth_HTTP output
downloading Auth_HTTP-2.1.6.tgz ...
Starting to download Auth_HTTP-2.1.6.tgz (9,327 bytes)
.....done: 9,327 bytes
install ok: Auth_HTTP 2.1.6
Example 13-19 Using Auth_HTTP to authenticate a user
<?php
// Using Auth_HTTP to limit access
require_once('db_login.php');
require_once("Auth/HTTP.php");
// We use the same connection string as the pear DB functions
$AuthOpts = array(
'dsn' => "mysql://$db_username:$db_password@$db_host/$db_database",
'table' => "users", // your table name
'usernamecol' => "username", // the table username column
'passwordcol' => "password", // the table password column
'cryptType' => "md5", // password encryption type
);
$authenticate = new Auth_HTTP("DB", $AuthOpts);
// Set the realm name
$authenticate->setRealm('Member Area');
// Authentication failed error message
$authenticate->setCancelText('<h2>Access Denied</h2>');
// Request authentication
$authenticate->start();
// compare username and password to stored values
if ($authenticate->getAuth()){
echo "Welcome back to our site ".$authenticate->username.".";
}
?>
Example 13-2 Viewing the username cookie
<?php
if (!isset($_COOKIE['username']))
{
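echo ("Oops, the cookie isn't set!");
}
else
{
// The cookie value comes from the browser, so escape it before output
echo ("The stored username is ". htmlspecialchars($_COOKIE['username'], ENT_QUOTES, 'UTF-8') . ".");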
}
?>
This code displays with the stored username:
The stored username is michele.
Example 13-20 Retrieving additional information for the user
<?php
// Example of Auth_HTTP that also returns additional information
require_once('db_login.php');
require_once("Auth/HTTP.php");
// We use the same connection string as the pear DB functions
$AuthOptions = array(
'dsn'=>"mysql://$db_username:$db_password@$db_host/$db_database",
'table'=>"users", // your table name
'usernamecol'=>"username", // the table username column
'passwordcol'=>"password", // the table password column
'cryptType'=>"md5", // password encryption type in your db
'db_fields'=>"*", // enabling fetch for other db columns
);
$authenticate = new Auth_HTTP("DB", $AuthOptions);
// Set the realm name
$authenticate->setRealm('Member Area');
// Authentication failed error message
$authenticate->setCancelText('<h2>Access Denied</h2>');
// Request authentication
$authenticate->start();
// compare username and password to stored values
if($authenticate->getAuth()){
echo "Welcome back to our site ".$authenticate->username.".<br />";
echo "Your full name is ";
echo $authenticate->getAuthData('first_name');
echo " ";
echo $authenticate->getAuthData('last_name').".";
}
?>
Example 13-3 Destroying a cookie by expiring it in the recent past
<?php
//remember that setcookie must come before any other line that generates output
setcookie("username","", time()-10 );
echo 'Rosebud.';
?>
Example 13-3 returns:
Rosebud.
Example 13-4 Using HTTP authentication with a PHP script
<?php
if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW'])) {
header('WWW-Authenticate: Basic realm="Member Area"');
header("HTTP/1.0 401 Unauthorized");
echo "Please login with a valid username and password.";
exit;
} else {
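// These values come from the request, so escape them before output
echo "You entered a username of: ".htmlspecialchars($_SERVER['PHP_AUTH_USER'], ENT_QUOTES, 'UTF-8')." ";
echo "and a password of: ".htmlspecialchars($_SERVER['PHP_AUTH_PW'], ENT_QUOTES, 'UTF-8').".";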
}
?>
Example 13-5 Checking the values returned from the authentication prompt
<?php
$username = 'jon_doe';
$password = 'MyNameIsJonDoe';
if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW'])) {
header('WWW-Authenticate: Basic realm="Member Area"');
header("HTTP/1.0 401 Unauthorized");
echo "You must enter in a username and password combination!";
exit;
}
elseif (strcmp($_SERVER['PHP_AUTH_USER'], $username) !== 0 ||
strcmp($_SERVER['PHP_AUTH_PW'], $password) !== 0) {
header('WWW-Authenticate: Basic realm="Member Area"');
header("HTTP/1.0 401 Unauthorized");
echo "Your username and password combination was incorrect!";
exit;
}
echo("You have successfully logged in!");
?>
Example 13-6 Creating the users table to store login information
CREATE TABLE `users` (
`user_id` INT NOT NULL AUTO_INCREMENT,
`first_name` VARCHAR(100),
`last_name` VARCHAR(100),
`username` VARCHAR(45),
`password` CHAR(32),
PRIMARY KEY (`user_id`));
This code returns:
Query OK, 0 rows affected (0.23 sec)
