auth using php realm with mysql

Posted on 2005-04-23
Last Modified: 2013-12-12
i want to use apache realm aut but not with .htacess and .htpasswd but with mysql so that it will auth the user by checking the username and password againiest mysql can i do this???
Question by:neutrongenious
    LVL 49

    Accepted Solution

    Well php auth is quite "easy" to write yourself:

      $authorized = false;
        or die('No db connection');
      mysql_select_db('some database')
        or die('No db connection');

      if(!empty($_SERVER['PHP_AUTH_USER']) && !empty($_SERVER['PHP_AUTH_PW']))
        $username = mysql_real_escape_string($_SERVER['PHP_AUTH_USER']);
        $password = mysql_real_escape_string($_SERVER['PHP_AUTH_PW']);
        $query = "SELECT id FROM usertable WHERE".
                 " `username` = '$username' AND".
                 " `password` = '$password' LIMIT 1";
        $result = mysql_query($query);
          $authorized = (mysql_num_rows($result) == 1);
        Header('WWW-Authenticate: Basic realm="My Websites Realm" ');
        Header("HTTP/1.0 401 Unauthorized");
        echo "Action cancelled: Try again";

    LVL 1

    Author Comment

    thanks for the reply it works fine.
    now tell me i want to use this user's info in some areas how can i use them....
    should i store them in a session or what?????
    and what if i want to provide that user logoff info....
    LVL 49

    Expert Comment

    Yes, you would store such data in a session.

    Add <?php session_start();?> as the first line of code, and you can store and retrieve anything you want in and from the $_SESSION array.

    I am not sure wether or not you can unset($_SESSION['PHP_AUTH_USER']) but then again, you could have a go at it. Otherwise you have to add some additional code, which makes your session invalid when someone tries to login.

    LVL 1

    Author Comment

    thanks this solves my problem

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    Introduction Many web sites contain image galleries; a common design for these galleries includes a page with a collection of thumbnail images.  You can click on each of the thumbnail images to see the larger version of the image.  This is easily i…
    I imagine that there are some, like me, who require a way of getting currency exchange rates for implementation in web project from time to time, so I thought I would share a solution that I have developed for this purpose. It turns out that Yaho…
    The viewer will learn how to dynamically set the form action using jQuery.
    The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…

    758 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    11 Experts available now in Live!

    Get 1:1 Help Now