authentication

zurron

I am trying to authenticate a user sending a header, the first time works fine, but when i click in reload button, it does not ask for the login and password.

So, how can i delete the global variables $_SERVER['PHP_AUTH_USER']?

<?php
  function authenticate() {
    header('WWW-Authenticate: Basic realm="Test Authentication System"');
    header('HTTP/1.0 401 Unauthorized');
    echo "You must enter a valid login ID and password to access this resource\n";
    exit;
  }
 //* validete if the login and password exist in a table on db*/
  function if_exist_in_table($login,$pass){
     $con=pg_connect("dbname=db user=user") or die("NOT CONNECTED");
     $query="SELECT login from tb_user where login='$login' and password='$pass'";
     $result=pg_exec($con,$query);
     if (pg_num_rows($result)==1)
        {
                return 1;
        }
      return 0;
      }//end of the function
 // authenticate();  

  if((if_exist_in_table($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']))==1) {
   echo "<p>Welcome: {$_SERVER['PHP_AUTH_USER']}<br>";
   echo "</p>\n";
   } 

  else authenticate();
?>

Tig

Make sure that you are using PHP as a module (i.e. an Apache module) and not using CGI. The authentication will not work if you are using CGI.

Use this link below to get more info on configuring PHP as an Apache module. Then, you will not need to unset() the variables.

Good luck!

http://www.thesitewizard.com/archive/php4install.shtml