Tycoon Talk
Become a Big fish!
The number 1 forum for online business!
Post topics, ask questions, share your knowledge.
Tycoon Talk is part of Freelancer.com - find skilled workers online at a fraction of the cost.

PHP Forum


You are currently viewing our PHP Forum as a guest. Please register to participate.
Login


Tycoon Talk > Web Development and Programming Support > PHP Forum > PHP User Authentication - error

Freelance Jobs

Reply
PHP User Authentication - error
Old 12-21-2005, 12:32 PM PHP User Authentication - error
croix's Avatar
Skilled Talker

Posts: 87
Name: Colin Roy
Location: Dallas, TX
Trades: 0
Talkupation: croix is on a distinguished road
Im trying to authenticate users from a MS Access database. It asks for a user name and password, but doesnt accept anything I input. there are only 2 users in the database, and neither is accepted by the login script.

there is no error reported, just the access denied page after 3 tries. heres the code.

Code:
<?php 

$auth = false; // Assume user is not authenticated 

if (isset( $PHP_AUTH_USER ) && isset($PHP_AUTH_PW)) { 

    // Connect to MSAccess 

    $cnx = odbc_connect( 'records_db' , 'Admin', '******' );
       if (!$cnx) {
        Error_handler( "Error in odbc_connect" , $cnx );
   }

    // Formulate the query 

    $sql = "SELECT * FROM users WHERE 
            username = '$PHP_AUTH_USER' AND 
            password = '$PHP_AUTH_PW'"; 

    // Execute the query and put results in $result 

    $result = mysql_query( $sql ) 
        or die ( 'Unable to execute query.' ); 

    // Get number of rows in $result. 

    $num = mysql_numrows( $result ); 

    if ( $num != 0 ) { 

        // A matching row was found - the user is authenticated. 

        $auth = true; 

    } 

} 

if ( ! $auth ) { 

    header( 'WWW-Authenticate: Basic realm="Private"' ); 
    header( 'HTTP/1.0 401 Unauthorized' ); 
    echo 'Authorization Required.'; 
    exit; 

} else { 

    echo ' 

<html>
<head>
<title>Sliquid Personal Lubricant - Admin Page - 1-800-SLIQUID</title>
<meta name="description" content="Sliquid contact admin page.">
</head>
<body>
You are Authenticated!
</body>
</html> 

    '; 

} 

?>
croix is offline
Reply With Quote
View Public Profile Visit croix's homepage!
 
 
Register now for full access!
Old 12-21-2005, 01:21 PM
0beron's Avatar
Defies a Status

Posts: 1,832
Location: Somewhere else entirely
Trades: 0
Talkupation: 0beron has a spectacular aura about0beron has a spectacular aura about
If these things are coming in from an HTML form, try $_POST['PHP_AUTH_USER'] and $_POST['PHP_AUTH_PW'] in case register globabls is switched off (if it is, then $PHP_AUTH_USER and $PHP_AUTH_PW won't be set from the form automatically).
Also, it depends on how your passwords are stored in the database - if they are stored in hashed form (ie you store the md5 hash, not the password itself) then you'll need to hash the form input with the md5() function or similar before querying. If you are not storing passwords this way, then you should be!
__________________
UPDATE 0beron SET talkupation = talkupation + lots WHERE post = 'helpful';

Please login or register to view this content. Registration is FREE
(aka MSN handwriting for forums)
0beron is offline
Reply With Quote
View Public Profile Visit 0beron's homepage!
 
Old 12-21-2005, 02:41 PM
croix's Avatar
Skilled Talker

Posts: 87
Name: Colin Roy
Location: Dallas, TX
Trades: 0
Talkupation: croix is on a distinguished road
i have tried a few variations of that, but nothing changes

$_POST['PHP_AUTH_USER'] and $_SERVER['PHP_AUTH_USER']


i even switched to hardcoded user and pass

Code:
if ( ( !isset( $_POST["PHP_AUTH_USER"] )) || (!isset($_POST["PHP_AUTH_PW"]))  
     || ( $PHP_AUTH_USER != 'admin' ) || ( $PHP_AUTH_PW != '******' ) ) { 

    header( 'WWW-Authenticate: Basic realm="Private"' ); 
    header( 'HTTP/1.0 401 Unauthorized' ); 
    echo 'Authorization Required.'; 
    exit; 

} else { 

    echo ' 

<html>
<head>
<title>Admin Page</title>
</head>
<body>
You have reached the Admin Page
</body>
</html>
 
'; 

}
same results. so my problem isnt the database. Whats going on here?
croix is offline
Reply With Quote
View Public Profile Visit croix's homepage!
 
Old 12-21-2005, 03:06 PM
croix's Avatar
Skilled Talker

Posts: 87
Name: Colin Roy
Location: Dallas, TX
Trades: 0
Talkupation: croix is on a distinguished road
someone said somthing about seeing two different realms on the login... but i dont know what was meant by that.
croix is offline
Reply With Quote
View Public Profile Visit croix's homepage!
 
Old 12-27-2005, 12:30 PM
croix's Avatar
Skilled Talker

Posts: 87
Name: Colin Roy
Location: Dallas, TX
Trades: 0
Talkupation: croix is on a distinguished road
can anyone tell me anything about the realm?
croix is offline
Reply With Quote
View Public Profile Visit croix's homepage!
 
Old 12-27-2005, 05:08 PM
croix's Avatar
Skilled Talker

Posts: 87
Name: Colin Roy
Location: Dallas, TX
Trades: 0
Talkupation: croix is on a distinguished road
heres where im at now. switched to using only hard coded, to try to get that to work first.

Code:
<?php 

if ( ( !isset( $PHP_AUTH_USER )) || (!isset($PHP_AUTH_PW))  
	 || ( $PHP_AUTH_USER != 'admin' ) || ( $PHP_AUTH_PW != 'temppass' ) ) { 

	header( 'WWW-Authenticate: Basic realm="Private"' ); 
	header( 'HTTP/1.0 401 Unauthorized' ); 
	echo 'Authorization Required.'; 
	exit; 

} else { 

	echo ' 

	<html>
<head>
<body>
test
</body>
</html> 

	'; 

} 

?>
anyone see a problem? There is no error reported, except the authorization required page that is expected with having incorrect user / pass
I have also tried

Code:
if ( ( !isset( $_SERVER['PHP_AUTH_USER'] )) || (!isset($_SERVER['PHP_AUTH_PW']))  
	 || ( $_SERVER['PHP_AUTH_USER'] != 'admin' ) || ( $_SERVER['PHP_AUTH_PW'] != '*****' ) ) { 

	header( 'WWW-Authenticate: Basic realm="Authorization Required!"'  ); 
	header( 'HTTP/1.0 401 Unauthorized' ); 
	echo 'Authorization Required.'; 
	exit;
as well as
Code:
if ( ( !isset( $_POST['PHP_AUTH_USER'] )) || (!isset($_POST['PHP_AUTH_PW']))  
	 || ( $_POST['PHP_AUTH_USER'] != 'admin' ) || ( $_POST['PHP_AUTH_PW'] != '*****' ) ) { 

	header( 'WWW-Authenticate: Basic realm="Authorization Required!"'  ); 
	header( 'HTTP/1.0 401 Unauthorized' ); 
	echo 'Authorization Required.'; 
	exit;
i cant fid a problem, and at least one of these should work for me.

http://www.sliquid.com/protected/login4.php
thats a link to the code posted first above.
user - admin
pass - temppass
croix is offline
Reply With Quote
View Public Profile Visit croix's homepage!
 
Reply     « Reply to PHP User Authentication - error
 
Previous Thread | Next Thread Tycoon Talk > Web Development and Programming Support > PHP Forum > PHP User Authentication - error

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off




   
RSS Feed  Feeds: RSS   JS   XML
RSS Feed  Feeds for this forum: RSS   JS   XML



Page generated in 0.28520 seconds with 12 queries