user authentication

 
Post new topic   Reply to topic    Aprelium Forum Index -> PHP
View previous topic :: View next topic  
Author Message
jonleow
-


Joined: 29 Apr 2004
Posts: 48

PostPosted: Tue Jun 22, 2004 4:49 am    Post subject: user authentication Reply with quote

hi guys, im back!

im trying to do user authentication now in my website. The pages that i want to restrict from unauthorised users, where should i keep it?

C:\Program Files\Abyss Web Server\htdocs\ or
C:\Program Files\Abyss Web Server\cgi-bin ?

After someone has authorised himself by entering the correct username and password, how do i direct him to the protected pages? Below is a script that i have learned from a book. Will any php guru please take a look and tell me how can i modify it to do my bidding?



<?php

//continue a process, depending on the value of the $do variable.
//if this is the first time to access this script, the $do variable
//has no value.

switch($do) {

//if the value of $do is "authenticate", continue this process


case "authenticate":

//when submitting a form, php automatically assigns values to
//variables with name matching the form fields. In this case, $username
//and $password have already been created, transparently.

//open the database connection


mysql_connect("localhost", "booker", "spinner") or die ("unable to connect to mysql");

mysql_select_db("user") or die ("unable to select database");


//formulate the query

$sql = "SELECT id FROM user WHERE username='$username' and password='$password'";

//Execute the query and put results in $result

$result = mysql_query($sql) or die ("unable to get results");


//Get number of rows in $results. Should be 0 if invalid and 1 if valid.

$num = mysql_numrows($result);

//Present results based on validity

if ($num==1) {

echo "You are a valid user";
echo "your username and password is '$username' and '$password'";



}





else if ($num==0) {

unset($do);
echo "you are not authorized! Please re-enter your info";

//The next command automatically places the contents of
//login_form.inc at this position; the HTML form fields will display.

include("login_form.inc");

}

break;

default:

//The default case, means "if no value exists for $do, or if no other case matches
//a value for $do, display the login form".
//We only send a value for $do in the action of the form, ie:login2.php?do=authenticate


include("login_form.inc");

}

?>
Back to top View user's profile Send private message MSN Messenger
MUGH8506
-


Joined: 14 Jun 2004
Posts: 72
Location: Hell

PostPosted: Tue Jun 22, 2004 6:50 am    Post subject: Reply with quote

in the htdocs directry
_________________

http://www.trustabyss.com/
Back to top View user's profile Send private message MSN Messenger
MUGH8506
-


Joined: 14 Jun 2004
Posts: 72
Location: Hell

PostPosted: Tue Jun 22, 2004 6:51 am    Post subject: Reply with quote

C:\Program Files\Abyss Web Server\htdocs\
_________________

http://www.trustabyss.com/
Back to top View user's profile Send private message MSN Messenger
jonleow
-


Joined: 29 Apr 2004
Posts: 48

PostPosted: Tue Jun 22, 2004 11:29 pm    Post subject: Reply with quote

ok...do you know how to make the protected pages prompt users for username and password when accessed?
Back to top View user's profile Send private message MSN Messenger
iNaNimAtE
-


Joined: 05 Nov 2003
Posts: 2381
Location: Everywhere you're not.

PostPosted: Tue Jun 22, 2004 11:40 pm    Post subject: Reply with quote

Abyss happens to offer access control...
_________________
Bienvenidos!
Back to top View user's profile Send private message Send e-mail Visit poster's website AIM Address Yahoo Messenger MSN Messenger ICQ Number
Dieu
-


Joined: 22 Jun 2004
Posts: 22

PostPosted: Wed Jun 23, 2004 11:59 am    Post subject: Reply with quote

good
Back to top View user's profile Send private message
kordian
-


Joined: 06 Apr 2005
Posts: 2
Location: Poland

PostPosted: Wed Jun 22, 2005 7:04 am    Post subject: Reply with quote

how to usage this with form ?
Back to top View user's profile Send private message
MonkeyNation
-


Joined: 05 Feb 2005
Posts: 921
Location: Cardiff

PostPosted: Wed Jun 22, 2005 4:04 pm    Post subject: Reply with quote

If you want the password prompts then youll have to add usernames and protected directories from inside the abyss consoles.

However, I prefer the idea of a database because its so much more customizable and easier, although perhaps harder for beginners.
Why the author used a switch for 2 things I have no idea, I suppose it leaves room for implementation, but personally id have used some elseifs.
As to your question, yes, in the htdocs directory.
_________________
Back to top View user's profile Send private message AIM Address Yahoo Messenger MSN Messenger ICQ Number
Display posts from previous:   
Post new topic   Reply to topic    Aprelium Forum Index -> PHP All times are GMT + 1 Hour
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB phpBB Group