WWW-authenticate type question

Anon

Hi,

I finally got my WWW-authenticate script to work and read the username and password from my MySQL database.

My question is this. What should I do to make this work on all of the pages I want protected?

Do I have to put the script at the opening of each page? Im lost, please, suggestions! 🙂

Joe

Anon

Make sessions for username..

And call this session on all the pages u want to protect.

This may help u

Chanderjit

Anon

Actually... If I may suggest,

I have been doing the same thing lately. But what happens if you have more than one time the same username?

What I did was I registered the session ID and the password:

session_register("session");
session_register("pass");

$session["id"] = $PHPSESSID;
$password = md5($pass);
$pass["pass"] = $password;

and of course had the script update the session ID in the DB.

Of course it can be done without the password, but I decided for a little extra ooomph. At any rate, in the script that I include at the very top of each of my pages do the following:

1- check if sessions are registered, if so;
2- compare session id & pass to info in database;
3- on the logout page, unregister the variables.

hope this helps...?