slewis1972
asked on
PHP Forms and displaying $_SERVER[PHP_AUTH_USER]
Ok,
I have been able to grab the username from iis and put it into the php page which inturn puts it into the ms sql database. basically - I have setup IIS
to request a username and password -clear text - with the domain. Once done, it goes to the form page.
Is there anyway in the actual form, I can also get the username in a field so thats its auto shown straight away. My form is in html
Heres the php script:-
<?PHP
define('DB_HOST','itdepart ment01');
define('DB_USER','sa');
define('DB_PASS', 'xxxxx');
define('DB_NAME','itreques t');
if(! $conn = mssql_connect(DB_HOST,DB_U SER,DB_PAS S)){
exit ("Wheres the DB_HOST gone?");
}
if(! mssql_select_db(DB_NAME, $conn)){
exit ("Wheres the database gone?");
}
if($campaign == ''){
exit ("Please enter a campaign name");
}
if ($quotedHours == "") {
$quotedHours = 0;
}
// if ($required == "") {
// $required = getdate();
// }
if($required!="")
$sql = "INSERT INTO requests
(requester,email,campaign, required,d etail,obje ctive,clie ntRequest,
quoted,quoteAccepted,quote dHours,log in_name)
VALUES
(\"$_SERVER[PHP_AUTH_USER] \",
\"$email\",
\"$campaign\",
\"$required\",
\"$detail\",
\"$objective\",
\"$clientRequest\",
\"$quoted\",
\"$quoteAccepted\",
\"$quotedHours\",
\"$_SERVER[PHP_AUTH_USER]\ ")";
else
$sql = "INSERT INTO requests
(requester,email,campaign, required,d etail,obje ctive,clie ntRequest,
quoted,quoteAccepted,quote dHours,log in_name )
VALUES
(\"$_SERVER[PHP_AUTH_USER] \",
\"$email\",
\"$campaign\",
getdate() + 7,
\"$detail\",
\"$objective\",
\"$clientRequest\",
\"$quoted\",
\"$quoteAccepted\",
\"$quotedHours\",
\"$_SERVER[PHP_AUTH_USER]\ ")";
if($requester == '*' || $email == '*' || $campaign == '*' || $required ==
'*' || \\ $detail == '*' || $objective == '*' || $quote_accepted == 'yes' or
'no'){
print ("<B><U>IT Request Form Summary</U></B><br><br>
Name: $requester <br><br>
Email Address: $email <br><br>
Campaign: $campaign <br><br>
Required by?: $required <br><br>
Detail: $detail <br><br>
Objective: $objective <br><br>
Client Request: $clientRequest <br><br>
Quoted?: $quoted <br><br>
Quote Accepted?: $quoteAccepted <br><br>
IP ADDRESS?: $_SERVER[PHP_AUTH_USER] <br><br>
Quoted Hours?: $quotedHours <br>");}
if(! mssql_query($sql , $conn) || mssql_error($conn)){
/* find out if the query worked, and why not if not */
exit ("Unable to insert row [$sql]<br>" . mssql_error($conn));
}
and the form page is here -
http://homepage.ntlworld.com/scott.lewis/misc/index.html - its done in an editor so dont have a go. It wont connect to a database its just there to view the source.
Scott
I have been able to grab the username from iis and put it into the php page which inturn puts it into the ms sql database. basically - I have setup IIS
to request a username and password -clear text - with the domain. Once done, it goes to the form page.
Is there anyway in the actual form, I can also get the username in a field so thats its auto shown straight away. My form is in html
Heres the php script:-
<?PHP
define('DB_HOST','itdepart
define('DB_USER','sa');
define('DB_PASS', 'xxxxx');
define('DB_NAME','itreques
if(! $conn = mssql_connect(DB_HOST,DB_U
exit ("Wheres the DB_HOST gone?");
}
if(! mssql_select_db(DB_NAME, $conn)){
exit ("Wheres the database gone?");
}
if($campaign == ''){
exit ("Please enter a campaign name");
}
if ($quotedHours == "") {
$quotedHours = 0;
}
// if ($required == "") {
// $required = getdate();
// }
if($required!="")
$sql = "INSERT INTO requests
(requester,email,campaign,
quoted,quoteAccepted,quote
VALUES
(\"$_SERVER[PHP_AUTH_USER]
\"$email\",
\"$campaign\",
\"$required\",
\"$detail\",
\"$objective\",
\"$clientRequest\",
\"$quoted\",
\"$quoteAccepted\",
\"$quotedHours\",
\"$_SERVER[PHP_AUTH_USER]\
else
$sql = "INSERT INTO requests
(requester,email,campaign,
quoted,quoteAccepted,quote
VALUES
(\"$_SERVER[PHP_AUTH_USER]
\"$email\",
\"$campaign\",
getdate() + 7,
\"$detail\",
\"$objective\",
\"$clientRequest\",
\"$quoted\",
\"$quoteAccepted\",
\"$quotedHours\",
\"$_SERVER[PHP_AUTH_USER]\
if($requester == '*' || $email == '*' || $campaign == '*' || $required ==
'*' || \\ $detail == '*' || $objective == '*' || $quote_accepted == 'yes' or
'no'){
print ("<B><U>IT Request Form Summary</U></B><br><br>
Name: $requester <br><br>
Email Address: $email <br><br>
Campaign: $campaign <br><br>
Required by?: $required <br><br>
Detail: $detail <br><br>
Objective: $objective <br><br>
Client Request: $clientRequest <br><br>
Quoted?: $quoted <br><br>
Quote Accepted?: $quoteAccepted <br><br>
IP ADDRESS?: $_SERVER[PHP_AUTH_USER] <br><br>
Quoted Hours?: $quotedHours <br>");}
if(! mssql_query($sql , $conn) || mssql_error($conn)){
/* find out if the query worked, and why not if not */
exit ("Unable to insert row [$sql]<br>" . mssql_error($conn));
}
and the form page is here -
http://homepage.ntlworld.com/scott.lewis/misc/index.html - its done in an editor so dont have a go. It wont connect to a database its just there to view the source.
Scott
Also, it is a very bad idea not quoting the strings in the array's keys like this:
$_SERVER[PHP_AUTH_USER]
Correct and forever-stable way would be
$_SERVER['PHP_AUTH_USER']
Then, in a string whether escape it:
$str = "I am " . $_SERVER['PHP_AUTH_USER'] . " !";
or embed it:
$str = "I am {$_SERVER['PHP_AUTH_USER'] } !";
Moreover, I doubt that $_SERVER['PHP_AUTH_USER'] is present at all on IIS installations. Try phpinfo:
<?php
phpinfo();
?>
It will tell you all the enviroment variables present on the system - you might find your problem, unless this is irrelevant.
Cheers,
Maxim Maletsky
$_SERVER[PHP_AUTH_USER]
Correct and forever-stable way would be
$_SERVER['PHP_AUTH_USER']
Then, in a string whether escape it:
$str = "I am " . $_SERVER['PHP_AUTH_USER'] . " !";
or embed it:
$str = "I am {$_SERVER['PHP_AUTH_USER']
Moreover, I doubt that $_SERVER['PHP_AUTH_USER'] is present at all on IIS installations. Try phpinfo:
<?php
phpinfo();
?>
It will tell you all the enviroment variables present on the system - you might find your problem, unless this is irrelevant.
Cheers,
Maxim Maletsky
ASKER
The $_SERVER[PHP_AUTH_USER] definately works on the system.
I have got round the form issue at last. Where in the form is says VALUE = "<?php echo $_SERVER[PHP_AUTH_USER] echo >" etc etc. Its not exact as not at the script right know but basically embedded the display command in the form and it world superbly.
In ref to the $_SERVER[PHP_AUTH_USER] issue - I was concerned in the first place as heard it only works with Apache but it only seems to woek in IIS it you, under securitty, specify a domain, and only select secuirty but with clear text.
Scott
I have got round the form issue at last. Where in the form is says VALUE = "<?php echo $_SERVER[PHP_AUTH_USER] echo >" etc etc. Its not exact as not at the script right know but basically embedded the display command in the form and it world superbly.
In ref to the $_SERVER[PHP_AUTH_USER] issue - I was concerned in the first place as heard it only works with Apache but it only seems to woek in IIS it you, under securitty, specify a domain, and only select secuirty but with clear text.
Scott
Yes. I missed that. I forgot that PHP_AUTH_USER is not a constant. DOH!
Something I always code with is ...
error_reporting(E_ALL);
That way this would have been flagged as a notice.
I try to remove all errors, warning and notices.
Makes for cleaner code.
Richard.
Something I always code with is ...
error_reporting(E_ALL);
That way this would have been flagged as a notice.
I try to remove all errors, warning and notices.
Makes for cleaner code.
Richard.
I don't think anyone read the question. Me included.
If the questioner doesn't come back to these comments then PAQ with refund is OK.
The question related to not connecting to the DB.
Check php.ini and make sure you have ...
extension=php_mssql.dll
and NOT
;extension=php_mssql.dll
If the web server does not have MSSQL installed on it, you will also need the a DLL from the MSSQL server (from the PHP Manual) ...
Requirements
Requirements for Win32 platforms.
The extension requires the MS SQL Client Tools to be installed on the system where PHP is installed. The Client Tools can be installed from the MS SQL Server CD or by copying ntwdblib.dll from \winnt\system32 on the server to \winnt\system32 on the PHP box. Copying ntwdblib.dll will only provide access. Configuration of the client will require installation of all the tools.
Requirements for Unix/Linux platforms.
To use the MSSQL extension on Unix/Linux, you first need to build and install the FreeTDS library. Source code and installation instructions are available at the FreeTDS home page: http://www.freetds.org/
Note: In Windows, the DBLIB from Microsoft is used. Functions that return a column name are based on the dbcolname() function in DBLIB. DBLIB was developed for SQL Server 6.x where the max identifier length is 30. For this reason, the maximum column length is 30 characters. On platforms where FreeTDS is used (Linux), this is not a problem.
What error are you getting?
Richard.
If the questioner doesn't come back to these comments then PAQ with refund is OK.
The question related to not connecting to the DB.
Check php.ini and make sure you have ...
extension=php_mssql.dll
and NOT
;extension=php_mssql.dll
If the web server does not have MSSQL installed on it, you will also need the a DLL from the MSSQL server (from the PHP Manual) ...
Requirements
Requirements for Win32 platforms.
The extension requires the MS SQL Client Tools to be installed on the system where PHP is installed. The Client Tools can be installed from the MS SQL Server CD or by copying ntwdblib.dll from \winnt\system32 on the server to \winnt\system32 on the PHP box. Copying ntwdblib.dll will only provide access. Configuration of the client will require installation of all the tools.
Requirements for Unix/Linux platforms.
To use the MSSQL extension on Unix/Linux, you first need to build and install the FreeTDS library. Source code and installation instructions are available at the FreeTDS home page: http://www.freetds.org/
Note: In Windows, the DBLIB from Microsoft is used. Functions that return a column name are based on the dbcolname() function in DBLIB. DBLIB was developed for SQL Server 6.x where the max identifier length is 30. For this reason, the maximum column length is 30 characters. On platforms where FreeTDS is used (Linux), this is not a problem.
What error are you getting?
Richard.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
$_SERVER[PHP_AUTH_USER]
in the sql statement,
try
{$_SERVER[PHP_AUTH_USER]}
Embedding variables into a string by using "$var" is correct, except for arrays.
Then you use "{$array[CONSTANT]}" or "{$array["$var"]}" or "{$array['assoc']}" or "{$array[0]}".
Regards,
Richard.