|
|
|
Copy and paste this script in your mysql console.
This should set up the database for your secure logins.
----------------------------------------------------------
DROP TABLE IF EXISTS Users;
CREATE TABLE Users (
ID int(11) NOT NULL auto_increment,
FullName varchar(255) NOT NULL default '',
Email varchar(255) NOT NULL default '',
Username varchar(8) NOT NULL default '',
Password varchar(20) NOT NULL default '',
LastLoginDateTime text NOT NULL,
LastLoginAddress varchar(255) NOT NULL default '',
LastLoginIP text NOT NULL,
PRIMARY KEY (ID)
) TYPE=MyISAM;
------------------------------------------------------------
-----------------------------------------------------------------------
Now create a file called vars.php and type the following.
-----------------------------------------------------------------------
<?
$dbHost = "localhost";
$dbUser = "root";
$dbPass = "pass";
$dbName = "dbname";
$userTable = "Users";
$userField = "Username";
$passField = "Password";
?>
------------------------------------------------------------------------
Now create a file called login.php and type the following.
------------------------------------------------------------------------
<?include"vars.php";?>
<?php
function authenticate() {
Header("WWW-Authenticate: Basic realm=\"secure login\"");
echo "Authentication Failed!";
exit();
}
if(!isset($PHP_AUTH_USER)) {h
authenticate();
echo "Authorization Failed\n";
exit;
} else {
$checkLogin = "SELECT ID FROM $userTable WHERE $userField='$PHP_AUTH_USER' AND
$passField='$PHP_AUTH_PW'";
$db = mysql_pconnect($dbHost, $dbUser, $dbPass);
mysql_select_db($dbName, $db);
$result = mysql_query($checkLogin, $db);
$numrows = mysql_num_rows($result);
$myrow = mysql_fetch_array($result);
if ($numrows == 0) {
authenticate();
} else {
setcookie("UserID", $myrow["ID"]);
$UserID = $myrow["ID"];
}
}
?>
-----------------------------------------------------------------------------------
Now any file you want to have secure insert the following code into each file.
<?include"login.php";?>
Here is an example of a secure page.
Example index.php
----------------------------------
<?include"login.php";?>
<html>
<center>Hello there Welcome</center>
</html>
-----------------------------------
Now remember the login screen checks for a user name and password in your database.
So you might want to login and create a user and password or just create a signup
form.
If you need help inserting a user type the following in the mysql console.
INSERT INTO Users VALUES
(1,'Name','Email','test','test','3241234','1.1.1.1','1.1.1.1');
The user name will be test and password will be test.
You should now be able to secure any website page you want with the simple functions
of
MySQL and PHP4. I hope this helps you alot. These are only examples and I know there
are
many scipts that are better. Please feel free to send any ideas or comments. Thank
you for
looking at my script..
John L. Jolly III
john@flaccess.com
www.flaccess.com
|
|
| Complete, simple working example of login screen and check on a unique page using php functions, cookies and mysql database.
Categories : PHP, Cookies, MySQL, HTML and PHP, Authentication | | | PHP Based Apache + Mysql Error Log Parser
Categories : PHP, PHP Classes, Apache, MySQL, Log Files | | | Full membership authentication system.
Categories : Authentication, MySQL, PHP, Databases | | | Example voting script. Lets people enter suggestions and vote for existing ones.
Categories : MySQL, PHP, Cookies, Complete Programs, Databases | | | Easy windows installation kit for win 9* PHP4 MySQL Apache phpMyAdmin
Categories : Installation, PHP, MySQL, Apache, Web Servers | | | complete, simple, working example of a login screen/system using php functions, cookies, and a mysql database for begginers.
Categories : Authentication, Complete Programs, PHP, MySQL, Databases | | | Using .htaccess files to authenticate with .htpassword files and with MySql
(Works with Apache)
Categories : Authentication, MySQL, Apache, Databases, Web Servers | | | The first step Guest Book ... ^^
Categories : MySQL, PHP, Apache, HTML, HTTP | | | bookmarker - PHP, PHPLIB, MySQL WWW based bookmark manager
Categories : MySQL, PHP, MySQL, Complete Programs, Databases | | | This functions makes it easy to use session-variables known from ASP. With one Cookie the array "session" will save and restore from a db-record. In this version MySQL is used but it's should very easy to change
Categories : PHP, Arrays, Cookies, MySQL, Databases | | | Authorize Me! An authentication script.
Categories : MySQL, Databases, Authentication, PHP | | | Implementing a "Members ONLY" area
Categories : PHP, MySQL, Databases, Authentication | | | SQL / PHP based Integrated Authentication
Categories : PHP, Authentication, Databases, MySQL | | | PHP3 Authentication using MySQL (also has nice query_db() function to return an array of arrays from a MySQL query result).
Categories : Authentication, MySQL, PHP | | | Authentication script to authenticate users in Active Directory through LDAP.
Categories : LDAP, Authentication, Cookies, PHP | |
| | | | howie milburn wrote : 716
Hi, I cannot get this to work. I get the following error message:
Warning: Cannot add header information - headers already sent by (output started at d:\inetpub\wwwroot\test\vars.php3:11) in d:\inetpub\wwwroot\test\login.php3 on line 6
Authentication Failed!
Any ideas how to cure it?
Thanks...
| | | | Sree.Rangaraj Thirumalai wrote : 726
Not Working. I am also getting the same error message of Mr.milburn howie
| | | | John Jolly wrote : 727
People if your getting the error cant pass headers then
just delete the blank lines at the top and the bottom of
each script. This is take take of it.
John
| | | | Eddie Williams wrote : 740
All I did was replace
<?include"vars.php";?>
<?php
function authenticate(); etc....
in login.php, with:
<?include"vars.php";
function authenticate(); etc....
and It worked.
| | | | John Jolly wrote : 742
Just so you leet geeks know ive only used this script on linux with PHP4/Apache and then on a win98se machine with PHP4/Apache as well. This script works as posted! Ive used it many times from this site since I posted it.
You shouldn`t have to delete anything to make this script work if used on the above OS`s I listed. If you find a bug in this script and your running on anything other than linux or win98se then please email me so we can fix this and post it for your OS. Once again thanks for using my script.
John
www.flaccess.com
| | | | Eddie Williams wrote : 743
My problem was that I didnt *have* any blank lines in my scripts....I just noticed that the include in the beginning of login.php didnt have to be seperate, and figured that if I combined them, the headers wouldnt try to be sent again to the browser. I just changed login.php back to the way that it was posted and it didnt work again. Same error as above.....Im using PHP on a Linux box running Apache btw....
| | | | Eddie Williams wrote : 744
But like I said, It works now with the change I made. :-)
| | | | John Jolly wrote : 745
Okay on the last guys comment. I seen his scripts and he has blank lines. Just another case of blank lines.
HaHa I geuss thats what happends when you copy and paste :) I have another login script. Check it out http://www.weberdev.com/get_example.php3count=3200
Have a Merry Christmas people!
John
| | | | Eddie Williams wrote : 746
Ummm, the script that I gave you worked just fine.
| | | | Justin C wrote : 748
How would to go about using MySQL`s password() encryption function through your PHP authentication page?
| | | | Robert Landes wrote : 749
I think this works only with php compiled as module in apache and not with php running in cgi mode?!?!?
| | | | Eddie Williams wrote : 750
Isnt that the same thing?
| | | | DayGlow FlayGlow wrote : 757
I get the following error ;
Parse error: parse error in C:\php\learning\login.php on line 9
Please help me .........
| | | | H Sim wrote : 760
Have a good look at line 9. if you copied this from your browser, it may happens that there is one wrong character (for me it was "h").
remove it, and the script works fine. donīt forget to remove the blank line ;-)
| | | | Laban wrote : 772
Can`t get it to work... is it neccessarry to have PHP as module? Which version of PHP did you use when you made it?
All I get is "Authentication Failed!" and no erros, notices or warnings at all. I`ve tried to solve it with every tip that is here without better results.
| | | | Laban Laban wrote : 776
Great! It works now when I have fixed PHP as module.
| | | | Mark Bonassera wrote : 785
Is the only way to have the user log out to delete the cookie?
| | | | Laban Laban wrote : 790
How do I change the pop-up login thing to a nice webinterface?
| | | | trey briggs wrote : 800
replace the auth function stuff to a nice little form with PHP_AUTH_USER and PHP_AUTH_PW as the fields...
| | | | David Hall wrote : 862
Hi. I keep getting this error.
Warning: Cannot add header information - headers already sent by (output started at /pub/home/halld107/htdocs3/calendar/vars.php:9) in /pub/home/halld107/htdocs3/calendar/login.php on line 3
Authentication Failed!
Where Line 3 is
Header("WWW-Authenticate: Basic realm=\"secure login\"");
I have no blank lines and have tried the modification that Williams Eddie suggested to. Being a bit of a newbie I have only a little idea about what is going on.
Any help anyone, please?
CHeers.
| | | | David Hall wrote : 863
I`ve sorted it now. Ignore my previous request.
Cheers.
D.
| | | | Alex Salisbury wrote : 877
Ok, like the last guy said, did the same...took out the h from the browser, took out any blank lines, removed the ?><?php and I still have the same error message...
Don`t laugh...is is because I am running the wrong _version_ of php? or the wrong version of Apache? or I f*ct up the module or something?
http://bob.dyndns.beyondirc.net:1111/info.php
| | | | Alex Salisbury wrote : 878
Nope, it was me, I am retarded....I can`t authenticate if I don`t have any entries in the DB...DUH...
| | | | Alex Salisbury wrote : 879
OK, I don`t know if anyone is seeing this anymore....but how can i use the last 3 fields to my benefit? How do I get those values, then how do i update the record and put in those values?
| | | | James Rye wrote :1041
This works well!
How could I make a log out script?
or even make it time out?
Cheers
James
| |
|
|
