1
I created a .htaccess file and .htpass file in C drive under "C:\secret" folder.
.htaccess script -
Expand|Select|Wrap|Line Numbers
- AuthUserFile "C:\secret\.htpass
- AuthGroupFile /dev/null
- Authame "Accounting Department"
- AuthType Basic
- Require valid-user
.htpass file contains the name and password.
Vars.inc contains this code-
Expand|Select|Wrap|Line Numbers
- <?php
- $host = "localhost";
- $user = "root";
- $passwd = "ABCD";
- $database = "useraccount";
- ?>
Expand|Select|Wrap|Line Numbers
- <?php
- /* File: Welcome.inc
- * Desc: HTML code that displays the Welcome Web page.
- * Uses one PHP variable, $user_name.
- */
- echo "<html><head><title>Welcome</title></head>\n
- <body>
- <p align='center'>Hello, $user_name</p>\n
- <p align='center'>Welcome to my secret page</p>\n
- </body></html>";
- ?>
I have created a database "useraccount" and a table "valid_user" in it with user_name,password ,create_date fields and then filled the "valid_user" table with data.
Now when I run the below code ,instead of a pop-window asking for username and password ,it shows directly "The User Name or password you entered is not valid." in the browser.
Expand|Select|Wrap|Line Numbers
- <?php
- /* Program: Auth.php
- * Desc: Program that prompts for a user name and
- * password from the user using HTTP authentication.
- * The program then tests whether the user
- * name and password match a user name and password
- * pair stored in a MySQL database.
- */
- if(!isset($_SERVER['PHP_AUTH_USER']))
- {
- header('WWW-Authenticate: Basic realm="secret section"');
- header('HTTP/1.0 401 Unauthorized');
- exit("This page requires authentication!");
- }
- else
- {
- include("Vars.inc");
- $user_name = trim($_SERVER['PHP_AUTH_USER']);
- $user_password = trim($_SERVER['PHP_AUTH_PW']);
- $connection = mysql_connect($host,$user,$passwd) #23
- or die ("Couldn't connect to server.");
- $db = mysql_select_db($connection,$database)
- or die ("Couldn't select database.");
- $sql = "SELECT user_name FROM Valid_User
- WHERE user_name = '$user_name'
- AND password = md5('$user_password')";
- $result = mysql_query($connection,$sql)
- or die("Couldn't execute query.");
- $num = mysql_num_rows($result);
- if ($num < 1)
- {
- exit("The User Name or password you entered
- is not valid.<br>");
- }
- }
- include("Welcome.inc");
- ?>
1)I have doubt as to whether the "passwd" will be "password" in line #23 above as the Vars.inc file contains "passwd" ?
2)Also will I have to put real values for $user,$host ,$password ,$database ?
3)should the $user be root which is my mysql username and the $password my mysql password?
4)The error is sometimes "The User Name or password you entered is not valid."
I referred to the articles in this same forum -
A)http://bytes.com/topic/php/answers/7...-php-line-10-a
B)http://bytes.com/topic/php/answers/7...-php-line-11-a
but still my problem remains.
Now the error is in line #23,the browser gives the following error -
Warning: mysql_connect() [function.mysql-connect]: Access denied for user 'user'@'localhost' (using password: YES) in I:\xampp\htdocs\test\test1\Auth.php on
line 23 Couldn't connect to server.
I am totally confused .
Please help.
