?
Solved

PHP Forms and displaying $_SERVER[PHP_AUTH_USER]

Posted on 2003-02-20
7
Medium Priority
?
471 Views
Last Modified: 2012-06-22
Ok,

I have been able to grab the username from iis and put it into the php page which inturn puts it into the ms sql database. basically - I have setup IIS
to request a username and password -clear text - with the domain. Once done, it goes to the form page.

Is there anyway in the actual form, I can also get the username in a  field so thats its auto shown straight away. My form is in html

Heres the php script:-

<?PHP

define('DB_HOST','itdepartment01');
define('DB_USER','sa');
define('DB_PASS', 'xxxxx');
define('DB_NAME','itrequest');

if(! $conn = mssql_connect(DB_HOST,DB_USER,DB_PASS)){
exit ("Wheres the DB_HOST gone?");
}

if(! mssql_select_db(DB_NAME, $conn)){
exit ("Wheres the database gone?");
}

if($campaign == ''){
exit ("Please enter a campaign name");
}

if ($quotedHours == "") {
  $quotedHours = 0;
}

// if ($required == "") {
//  $required = getdate();
// }

if($required!="")
$sql = "INSERT INTO requests
(requester,email,campaign,required,detail,objective,clientRequest,
quoted,quoteAccepted,quotedHours,login_name)
VALUES
(\"$_SERVER[PHP_AUTH_USER]\",
\"$email\",
\"$campaign\",
\"$required\",
\"$detail\",
\"$objective\",
\"$clientRequest\",
\"$quoted\",
\"$quoteAccepted\",
\"$quotedHours\",
\"$_SERVER[PHP_AUTH_USER]\")";

else
$sql = "INSERT INTO requests
(requester,email,campaign,required,detail,objective,clientRequest,
quoted,quoteAccepted,quotedHours,login_name )
VALUES
(\"$_SERVER[PHP_AUTH_USER]\",
\"$email\",
\"$campaign\",
getdate() + 7,
\"$detail\",
\"$objective\",
\"$clientRequest\",
\"$quoted\",
\"$quoteAccepted\",
\"$quotedHours\",
\"$_SERVER[PHP_AUTH_USER]\")";

if($requester == '*' || $email == '*' || $campaign == '*' || $required ==
'*' || \\ $detail == '*' || $objective == '*' || $quote_accepted == 'yes' or
'no'){

print ("<B><U>IT Request Form Summary</U></B><br><br>
Name: $requester <br><br>
Email Address: $email <br><br>
Campaign: $campaign <br><br>
Required by?: $required <br><br>
Detail: $detail <br><br>
Objective: $objective <br><br>
Client Request: $clientRequest <br><br>
Quoted?: $quoted <br><br>
Quote Accepted?: $quoteAccepted <br><br>
IP ADDRESS?: $_SERVER[PHP_AUTH_USER] <br><br>
Quoted Hours?: $quotedHours <br>");}


if(! mssql_query($sql , $conn) || mssql_error($conn)){
   /* find out if the query worked, and why not if not */

exit ("Unable to insert row [$sql]<br>" . mssql_error($conn));

}

and the form page is here -
http://homepage.ntlworld.com/scott.lewis/misc/index.html -  its done in an editor so dont have a go. It wont connect to a database its just there to view the source.

Scott

0
Comment
Question by:slewis1972
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 40

Expert Comment

by:Richard Quadling
ID: 7987425
Instead of ...

$_SERVER[PHP_AUTH_USER]

in the sql statement,

try

{$_SERVER[PHP_AUTH_USER]}

Embedding variables into a string by using "$var" is correct, except for arrays.

Then you use "{$array[CONSTANT]}" or "{$array["$var"]}" or "{$array['assoc']}" or "{$array[0]}".

Regards,

Richard.
0
 
LVL 1

Expert Comment

by:s-maxim
ID: 7988132
Also, it is a very bad idea not quoting the strings in the array's keys like this:

$_SERVER[PHP_AUTH_USER]

Correct and forever-stable way would be

$_SERVER['PHP_AUTH_USER']

Then, in a string whether escape it:

$str = "I am " . $_SERVER['PHP_AUTH_USER'] . " !";

or embed it:

$str = "I am {$_SERVER['PHP_AUTH_USER']} !";

Moreover, I doubt that $_SERVER['PHP_AUTH_USER'] is present at all on IIS installations. Try phpinfo:

<?php
phpinfo();
?>

It will tell you all the enviroment variables present on the system - you might find your problem, unless this is irrelevant.


Cheers,
Maxim Maletsky
0
 

Author Comment

by:slewis1972
ID: 7989012
The $_SERVER[PHP_AUTH_USER] definately works on the system.

I have got round the form issue at last. Where in the form is says VALUE = "<?php echo $_SERVER[PHP_AUTH_USER] echo >" etc etc. Its not exact as not at the script right know but basically embedded the display command in the form and it world superbly.

In ref to the $_SERVER[PHP_AUTH_USER] issue - I was concerned in the first place as heard it only works with Apache but it only seems to woek in IIS it you, under securitty, specify a domain, and only select secuirty but with clear text.

Scott
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 40

Expert Comment

by:Richard Quadling
ID: 7992328
Yes. I missed that. I forgot that PHP_AUTH_USER is not a constant. DOH!

Something I always code with is ...

error_reporting(E_ALL);

That way this would have been flagged as a notice.

I try to remove all errors, warning and notices.

Makes for cleaner code.

Richard.
0
 
LVL 40

Expert Comment

by:Richard Quadling
ID: 11782825
I don't think anyone read the question. Me included.

If the questioner doesn't come back to these comments then PAQ with refund is OK.



The question related to not connecting to the DB.

Check php.ini and make sure you have ...

extension=php_mssql.dll

and NOT

;extension=php_mssql.dll

If the web server does not have MSSQL installed on it, you will also need the a DLL from the MSSQL server (from the PHP Manual) ...

Requirements
Requirements for Win32 platforms.

The extension requires the MS SQL Client Tools to be installed on the system where PHP is installed. The Client Tools can be installed from the MS SQL Server CD or by copying ntwdblib.dll from \winnt\system32 on the server to \winnt\system32 on the PHP box. Copying ntwdblib.dll will only provide access. Configuration of the client will require installation of all the tools.

Requirements for Unix/Linux platforms.

To use the MSSQL extension on Unix/Linux, you first need to build and install the FreeTDS library. Source code and installation instructions are available at the FreeTDS home page: http://www.freetds.org/ 

Note: In Windows, the DBLIB from Microsoft is used. Functions that return a column name are based on the dbcolname() function in DBLIB. DBLIB was developed for SQL Server 6.x where the max identifier length is 30. For this reason, the maximum column length is 30 characters. On platforms where FreeTDS is used (Linux), this is not a problem.



What error are you getting?

Richard.

0
 

Accepted Solution

by:
modulo earned 0 total points
ID: 11810584
PAQed, with points refunded (50)

modulo
Community Support Moderator
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Part of the Global Positioning System A geocode (https://developers.google.com/maps/documentation/geocoding/) is the major subset of a GPS coordinate (http://en.wikipedia.org/wiki/Global_Positioning_System), the other parts being the altitude and t…
Originally, this post was published on Monitis Blog, you can check it here . In business circles, we sometimes hear that today is the “age of the customer.” And so it is. Thanks to the enormous advances over the past few years in consumer techno…
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question