Learning PHP and MySQL
Monday, September 25, 2006
Example 13-14 Checking to see whether a user is valid
<?php
session_start();
require_once('db_login.php');
require_once('DB.php');
if (empty($_SESSION['user_id'])) {
if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW'])) {
header('WWW-Authenticate: Basic realm="Member Area"');
header("HTTP/1.0 401 Unauthorized");
echo "You must enter in a username and password combination!";
exit;
}
$connection = DB::connect("mysql://$db_username:$db_password@$db_host/$db_database");
if (DB::isError($connection)){
die ("Could not connect to the database: <br />". DB::errorMessage($connection));
}
$username = mysql_real_escape_string($_SERVER['PHP_AUTH_USER']);
$password = mysql_real_escape_string($_SERVER['PHP_AUTH_PW']);
$query = "SELECT `user_id`, `username` FROM `users` WHERE
`username`='".$username."' AND `password`=MD5('".$password."') LIMIT 1";
$result = $connection->query($query);
if(!($row = $result->fetchRow(DB_FETCHMODE_ASSOC))) { header('WWW-Authenticate: Basic realm="Member Area"'); header("HTTP/1.0 401 Unauthorized");
echo "Your username and password combination was incorrect!";
exit;
}
$_SESSION['user_id'] = $row['user_id'];
$_SESSION['username'] = $row['username'];
}
echo "You have successfully logged in as ".$_SESSION["username"].".";
?>
Posted by krautgrrl on 09/25 at 11:43 AM
Chapter 13 Code • (26) Comments • (30) Trackbacks • Permalink
Chapter 13 Code • (26) Comments • (30) Trackbacks • Permalink
Statistics
This page has been viewed 407339 times
Page rendered in 9.5349 seconds
Total Entries: 224
Total Comments: 16
Total Trackbacks: 307338
Most Recent Entry: 09/27/2006 12:39 pm
Most Recent Comment on: 10/26/2007 10:00 am
Total Members: 2
Total Logged in members: 0
Total guests: 12
Total anonymous users: 0
Most Recent Visitor on: 05/19/2012 06:17 am
The most visitors ever was 1103 on 11/20/2007 12:50 pm
