PDA

Click to See Complete Forum and Search --> : PHP_AUTH Sessions

JDM71488
08-31-2003, 08:38 PM
Hello, I need some help with my script... I am using the PHP_AUTH_USER & PHP_AUTH_PW pop up login box...

Well, I need a way to make it where the is a way to end the session, or logout. I know I can close the browser window, but this makes it very inconvieniant (spelling???).

Also, if there would be a way to throw in a blocker for all protected pages, that would be great...

Any help is appreciated!!!!



<?php

$auth = false; // Assume user is not authenticated

if (isset( $PHP_AUTH_USER ) && isset($PHP_AUTH_PW)) {
mysql_connect( 'localhost', 'username', 'password' )
or die ( 'Unable to connect to server.' );
mysql_select_db( 'jdm71488_test' )
or die ( 'Unable to select database.' );

$sql = "SELECT * FROM users WHERE
user = '$PHP_AUTH_USER' AND
pass = '$PHP_AUTH_PW'";

$result = mysql_query( $sql )
or die ( 'Unable to execute query.' );

$num = mysql_numrows( $result );
if ( $num != 0 ) {
$auth = true;
}
}

if ( ! $auth ) {
header( 'WWW-Authenticate: Basic realm="JDM Enterprises"' );
header( 'HTTP/1.0 401 Unauthorized' );
echo 'Authorization Required.';
exit;
} else {
setcookie ("verified", "true");
header("Location:http://www.jdm71488.com/members/secure.php");
}

?>
PunkSktBrdr01
09-01-2003, 09:22 PM
I recommend the PHP documentation for the setcookie() function:

http://us3.php.net/manual/en/function.setcookie.php

As it says in the documentation, to delete a cookie, simply set its expiration time to somewhere in the past:


setcookie("verified", "", time() - 3600);


Here's an access control script:


<?
if(!$_COOKIE['verified'] || $_COOKIE['verified'] != "true") {
header('HTTP/1.0 401 Unauthorized');
echo "<div style=\"text-align:center;\">Access denied!</div>";
exit;
}
?>


Hope that helps!
JDM71488
09-04-2003, 10:23 AM
I inserted the "access control" on all my protected pages and when I enter the right password to access the protected page, it displays "Access Denied!". So its like I got in but my content wont display...
PunkSktBrdr01
09-04-2003, 02:37 PM
Did you change any of the original code you posted?
JDM71488
09-04-2003, 04:30 PM
:) My appologies... The code was altered somehow, I re-checked it and it works perfectly... Thank you again for your help...