By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
431,919 Members | 1,587 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 431,919 IT Pros & Developers. It's quick & easy.

Login / Password

P: n/a
FP
I want to put some code at the top of my pages which will prompt the
user for a name & password if the session variable IDUser is not set.

How do I get the browser to display the login / password dialog and how
do I access the data the user entered.

Can I put the code that gets the login / password in a page of it's own
and have the browser call that page when the IDUser isn't set, and if
so how do I do it eg.
<?
session_start();
If($_SESSION['IDUser']==''){
//how do I tell it to do the authentication page
}else{
//rest of my code
} ?>
Once the user entered a login / password and I set the IDUser on the
authentication page, how do I tell it to resume loading the original
page (the one that had the above mentioned code on it)?

Jul 17 '06 #1
Share this Question
Share on Google+
7 Replies


P: n/a
Rik
FP wrote:
I want to put some code at the top of my pages which will prompt the
user for a name & password if the session variable IDUser is not set.

How do I get the browser to display the login / password dialog and
how do I access the data the user entered.
http://www.php.net/manual/en/features.http-auth.php

Grtz,
--
Rik Wasmus
Jul 17 '06 #2

P: n/a
Look into header("Location: foo.php");

Go to the login page if not set. Upon success, go to this page.

Shelly
"FP" <ad@pottnerconsulting.cawrote in message
news:11**********************@h48g2000cwc.googlegr oups.com...
>I want to put some code at the top of my pages which will prompt the
user for a name & password if the session variable IDUser is not set.

How do I get the browser to display the login / password dialog and how
do I access the data the user entered.

Can I put the code that gets the login / password in a page of it's own
and have the browser call that page when the IDUser isn't set, and if
so how do I do it eg.
<?
session_start();
If($_SESSION['IDUser']==''){
//how do I tell it to do the authentication page
}else{
//rest of my code
} ?>
Once the user entered a login / password and I set the IDUser on the
authentication page, how do I tell it to resume loading the original
page (the one that had the above mentioned code on it)?

Jul 17 '06 #3

P: n/a
I've always done somthing like this:

At the begining of your secure scripts
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
// Start the sesion
session_start();

// Check for login
if(!isset($_SESSION["IDUser"])){
$page = urlencode($_SERVER["REQUEST_URI"]);
exit("<script>window.location.href='login.php?page =$page</script>");
}

// Secured code goes here
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
On your login.php page
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
// Code used to authenticate

// On authentication, go to passed page
exit("<script>window.location.href='".$_GET["post"]."'</script>");
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

HTH

Sheldon Glickler wrote:
Look into header("Location: foo.php");

Go to the login page if not set. Upon success, go to this page.

Shelly
"FP" <ad@pottnerconsulting.cawrote in message
news:11**********************@h48g2000cwc.googlegr oups.com...
I want to put some code at the top of my pages which will prompt the
user for a name & password if the session variable IDUser is not set.

How do I get the browser to display the login / password dialog and how
do I access the data the user entered.

Can I put the code that gets the login / password in a page of it's own
and have the browser call that page when the IDUser isn't set, and if
so how do I do it eg.
<?
session_start();
If($_SESSION['IDUser']==''){
//how do I tell it to do the authentication page
}else{
//rest of my code
} ?>
Once the user entered a login / password and I set the IDUser on the
authentication page, how do I tell it to resume loading the original
page (the one that had the above mentioned code on it)?
Jul 18 '06 #4

P: n/a
FP
Rik wrote:
FP wrote:
I want to put some code at the top of my pages which will prompt the
user for a name & password if the session variable IDUser is not set.

How do I get the browser to display the login / password dialog and
how do I access the data the user entered.

http://www.php.net/manual/en/features.http-auth.php

Grtz,
--
Rik Wasmus

I had a look at the manual and it's clear as mud.
Tomorrow I'm going to try to put the following code in an include and
call it from the different pages; it's currently working with 1 page.
If anyone sees potential problems with it, could you please point them
out.

if ($_SESSION['IDUser']=='') {
if (!isset($_SERVER['PHP_AUTH_USER'])) {
header('WWW-Authenticate: Basic realm="Demo"');
header('HTTP/1.0 401 Unauthorized');
exit;
}
//connect to database searching for record where
Login = $_SERVER['PHP_AUTH_USER'];
Pwd = $_SERVER['PHP_AUTH_PW'];
if(no records found){
header('WWW-Authenticate: Basic realm="Demo"');
header('HTTP/1.0 401 Unauthorized');
}else{
$_SESSION['IDUser'] = database record ID
}
}

Jul 18 '06 #5

P: n/a
Message-ID: <11**********************@m79g2000cwm.googlegroups .comfrom
cl*******@gmail.com contained the following:
exit("<script>window.location.href='login.php?page =$page</script>");
Fine but why rely on Javascript? Why not just do:

header("Location:login.php?page=$page");
exit();

--
Geoff Berrow (put thecat out to email)
It's only Usenet, no one dies.
My opinions, not the committee's, mine.
Simple RFDs http://www.ckdog.co.uk/rfdmaker/
Jul 18 '06 #6

P: n/a

Geoff Berrow wrote:
Message-ID: <11**********************@m79g2000cwm.googlegroups .comfrom
cl*******@gmail.com contained the following:
exit("<script>window.location.href='login.php?page =$page</script>");

Fine but why rely on Javascript? Why not just do:

header("Location:login.php?page=$page");
exit();

Exactly what I was about to post, but Geoff beat me to it :)

header("Location:login.php?page=$page");
will work no matter what Javascript settings the user has, while:

exit("<script>window.location.href='login.php?page =$page</script>");
relies on the visitor's browser understanding javascript (not such a
big problem these days) and on them allowing JavaScript redirects
(which can still be a problem)

Jul 18 '06 #7

P: n/a
Good point. Thank you

william.clarke wrote:
Geoff Berrow wrote:
Message-ID: <11**********************@m79g2000cwm.googlegroups .comfrom
cl*******@gmail.com contained the following:
exit("<script>window.location.href='login.php?page =$page</script>");
Fine but why rely on Javascript? Why not just do:

header("Location:login.php?page=$page");
exit();


Exactly what I was about to post, but Geoff beat me to it :)

header("Location:login.php?page=$page");
will work no matter what Javascript settings the user has, while:

exit("<script>window.location.href='login.php?page =$page</script>");
relies on the visitor's browser understanding javascript (not such a
big problem these days) and on them allowing JavaScript redirects
(which can still be a problem)
Jul 19 '06 #8

This discussion thread is closed

Replies have been disabled for this discussion.