Bent Stigsen <ng**@thevoid.dk> wrote in message news:<41***********************@dread15.news.tele. dk>...
HH wrote:
[snip] I'm not sure how to use superglobals here. I tried to use
$_GET('offset') at a few places, but I kept getting error messages
when I display the page. Could you help? Thanks again!
I assume you did use $_GET['offset'] and not $_GET('offset')
You can either use the "import_request_variables" function if you not
sure what other parameters might exist or use
$offset = $_GET['offset']; in the beginning the the scripts.
/Bent
It worked after I changed $_GET('offset') to $_GET['offset']. I'm
still new to php. Won't make that mistake again. Now I have trouble
with edit.php page, which when first clicked, it asks for a username
and password, and if validation is successful, I'll arrive at a page
that allows me to delete unwanted entries in the database. I'm pretty
sure I used the correct username and password. But it just won't let
me pass through. Below is authenticate.php, which is included at the
beginning of edit.php and responsible for the authentication part. I
even used globals here, but it gives me three times to try, and ends
with the display of $errmsg. Any ideas? Thanks so much for the help!
HH
<?php
/*
Application: Guestbook2K
Name: authenticate.php
Purpose: Validate user name and password against the database,
using HTTP authentication.
This code uses the authenticate() function, declared in
/book/functions/basic.php.
*/
// realm is the label that will appear in the pop-up window that
// asks for name and password.
// errmsg is the text that will be displayed if the user hits the
'Cancel'
// button in the pop-up
$realm = "Guest Book Administration";
$errmsg = "You must enter a valid name & password to access this
function";
// PHP_AUTH_USER and PHP_AUTH_PW are global variables supplied by
// PHP, corresponding to the user name & password the user has entered
// in the pop-up window created by an HTTP authentication header. If
no
// authentication header has ever been sent, these variables will be
empty.
$PHP_AUTH_USER = $GLOBALS['PHP_AUTH_USER'];
$PHP_AUTH_PW = $GLOBALS['PHP_AUTH_PW'];
if (empty($PHP_AUTH_USER))
{
// first time through - use authenticate() to request a
// user name & password
authenticate($realm,$errmsg,"header");
}
else
{
$query = "select username from guestbook_admin
where password = password(lower('$PHP_AUTH_PW'))
and username = lower('$PHP_AUTH_USER')
";
$result = safe_query($query);
if ($result) { list($valid_user) = mysql_fetch_row($result); }
// if the query didn't work at all (which shouldn't happen), or ran
but
// didn't find a match for the user name & password, $valid_user will
// not be set to anything. if this is so, have the user try again.
if (!$result || empty($valid_user))
{
authenticate($realm,$errmsg,"query");
}
}
print "<p><b>Editing as $PHP_AUTH_USER</b></p>\n";
?>