Basically, I know nothing can come before headers, but I have a login system which uses .htaccess to auth., and the login details must be checked thru a MySQL database - meaning I must selected the table etc. before setting the header!
here's my example:
//CONNECT TO DB
$cid = mysql_connect(localhost,user,password);
if (!$cid) { echo("ERROR: " . mysql_error() . "\n"); }
//SELECT DATA
$SQL = "SELECT * FROM users WHERE id = '$id'";
$retid = @mysql_db_query(database, $SQL, $cid);
if (!$retid) { echo("<center><font face=arial color=red size=2><b>Data currently unavailable.</b></font></center>"); }
while ($row = @mysql_fetch_array($retid)) {
$username = $row["username"];
$password = $row["password"];
// HEADER BIT
if (!isset($PHP_AUTH_USER))
{
header("WWW-Authenticate: Basic realm=\"Spoono Password.\"");
Header("HTTP/1.0 401 Unauthorized");
exit;
}
// CHECK LOGIN DETAILS
else if(($PHP_AUTH_USER=="$username") && ($PHP_AUTH_PW=="$password"))
{
echo "Details Correct";
}
else
{
echo "Details Incorrect";
} }
