[Wolves] Log in, and use with php/mysql

[James Turner]

On 10/07/12 00:30, Wayne Morris wrote:

> As the users are already allowed/barred from the entire webserver based
> on a .htaccess and .htpasswd file combination, is it possible to pull
> the user name
> from this so that if bob signs in, bob can be used as variable to insert
> into records showing he altered it?

Show the user name that was entered via HTTP authentication:

echo $_SERVER['PHP_AUTH_USER'];

Show the password that was entered via HTTP authentication:

echo $_SERVER['PHP_AUTH_PW'];

For more info, see:

http://php.net/manual/en/features.http-auth.php

> If not (or 'not a good idea') what is the simplest php access to use -
> all the ones I'm googling seem to revolve around letting hundreds of
> users sign up - don't want
> that - I'm going to set allowed users and set their passwords, and once
> in they can fiddle with only a handful of pages.

An alternative approach might be to use PHP's session handling to keep 
track of the current user. Users would log in by entering their 
user/password into a HTML form. If the credentials match then assign the 
user name to a session variable, e.g.

if(password_is_valid($user_name_from_form,$password_from_form))
	$_SESSION["logged_in_user"] = $user_name_from_form;

http://www.php.net/manual/en/session.examples.basic.php

Regards,

James