HTTP_AUTH and SQL WHERE Clause

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Hey Folks, 
I am having trouble with some variables the $HTTP_AUTH_USER and $HTTP_AUTH_PW - now im useing PHP 4.3.3 and so i know that you have to use $_SERVER['HTTP_AUTH_USER'] and $_SERVER['HTTP_AUTH_PW'] instead of the old way now. Well i am having trouble with this script i have created to authenticate user name and password and verify against a postgresql database below. 

$auth = false; // Assume user is not authenticated 

if (isset( $_SERVER['PHP_AUTH_USER'] ) && isset($_SERVER['PHP_AUTH_PW'])) { 

// Connect to MySQL 

pg_pconnect("host=172.18.204.64 port=5432 dbname=acquisuite_db user=pgadmin password=pgadmin") or die ( 'Unable to connect to server.' ); 

// Select database on MySQL server 

// mysql_select_db( 'your_db' ) 
// or die ( 'Unable to select database.' ); 

// Formulate the query 

$sql = ("SELECT * FROM tbl_authenticate WHERE username = '$PHP_AUTH_USER' AND password = '$PHP_AUTH_PW'"); 

// Execute the query and put results in $result 

$result = pg_exec( $sql ) 
or die ( 'Unable to execute query.' ); 

// Get number of rows in $result. 

$num = pg_num_rows( $result ); 

if ( $num != 0 ) { 

// A matching row was found - the user is authenticated. 

$auth = true; 

} 

} 

The Problem is on the $sql line when i put in the string to do the Query with the WHERE clause having the $HTTP_AUTH_USER and $HTTP_AUTH_PW. When i change it to '$_SERVER['HTTP_AUTH_USER']' and '$_SERVER['HTTP_AUTH_PW']' it does not work and i get a parse error. 
How can i get around this? 
does anyone have any ideas for me. 
Thanks 

Cameron Seader
CSeader@xxxxxxxxxxxxxx



[INFO] -- Access Manager:
This transmission may contain information that is privileged, confidential and/or exempt from disclosure under applicable law.  If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format.  Thank you.   A2




[Index of Archives]     [Postgresql General]     [Postgresql Admin]     [PHP Users]     [PHP Home]     [PHP on Windows]     [Kernel Newbies]     [PHP Classes]     [PHP Databases]     [Yosemite Backpacking]     [Postgresql Jobs]

  Powered by Linux