[Wolves] Log in, and use with php/mysql

Wayne Morris waynelists at machx.co.uk
Tue Jul 10 23:01:43 UTC 2012


On 10/07/2012 08:26, James Turner wrote:
> On 10/07/12 00:30, Wayne Morris wrote:
>
>> As the users are already allowed/barred from the entire webserver based
>> on a .htaccess and .htpasswd file combination, is it possible to pull
>> the user name
>> from this so that if bob signs in, bob can be used as variable to insert
>> into records showing he altered it?
>
> Show the user name that was entered via HTTP authentication:
>
> echo $_SERVER['PHP_AUTH_USER'];
>
> Show the password that was entered via HTTP authentication:
>
> echo $_SERVER['PHP_AUTH_PW'];
>
> For more info, see:
>
> http://php.net/manual/en/features.http-auth.php
>
>> If not (or 'not a good idea') what is the simplest php access to use -
>> all the ones I'm googling seem to revolve around letting hundreds of
>> users sign up - don't want
>> that - I'm going to set allowed users and set their passwords, and once
>> in they can fiddle with only a handful of pages.
>
> An alternative approach might be to use PHP's session handling to keep 
> track of the current user. Users would log in by entering their 
> user/password into a HTML form. If the credentials match then assign 
> the user name to a session variable, e.g.
>
> if(password_is_valid($user_name_from_form,$password_from_form))
>     $_SESSION["logged_in_user"] = $user_name_from_form;
>
> http://www.php.net/manual/en/session.examples.basic.php
>
> Regards,
>
> James
>
> ______________________________________

thanks, I'll try both




More information about the Wolves mailing list