| From: | "Seader, Cameron" <CSeader(at)idahopower(dot)com> |
|---|---|
| To: | pgsql-php(at)postgresql(dot)org |
| Subject: | HTTP_AUTH and SQL WHERE Clause |
| Date: | 2003-09-27 20:57:27 |
| Message-ID: | 71B8A8BEC516CF46835CA629156CF21163F5CE@bedford.idacorp.local |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-php |
Hey Folks,
I am having trouble with some variables the $HTTP_AUTH_USER and $HTTP_AUTH_PW - now im useing PHP 4.3.3 and so i know that you have to use $_SERVER['HTTP_AUTH_USER'] and $_SERVER['HTTP_AUTH_PW'] instead of the old way now. Well i am having trouble with this script i have created to authenticate user name and password and verify against a postgresql database below.
$auth = false; // Assume user is not authenticated
if (isset( $_SERVER['PHP_AUTH_USER'] ) && isset($_SERVER['PHP_AUTH_PW'])) {
// Connect to MySQL
pg_pconnect("host=172.18.204.64 port=5432 dbname=acquisuite_db user=pgadmin password=pgadmin") or die ( 'Unable to connect to server.' );
// Select database on MySQL server
// mysql_select_db( 'your_db' )
// or die ( 'Unable to select database.' );
// Formulate the query
$sql = ("SELECT * FROM tbl_authenticate WHERE username = '$PHP_AUTH_USER' AND password = '$PHP_AUTH_PW'");
// Execute the query and put results in $result
$result = pg_exec( $sql )
or die ( 'Unable to execute query.' );
// Get number of rows in $result.
$num = pg_num_rows( $result );
if ( $num != 0 ) {
// A matching row was found - the user is authenticated.
$auth = true;
}
}
The Problem is on the $sql line when i put in the string to do the Query with the WHERE clause having the $HTTP_AUTH_USER and $HTTP_AUTH_PW. When i change it to '$_SERVER['HTTP_AUTH_USER']' and '$_SERVER['HTTP_AUTH_PW']' it does not work and i get a parse error.
How can i get around this?
does anyone have any ideas for me.
Thanks
Cameron Seader
CSeader(at)Idahopower(dot)com
[INFO] -- Access Manager:
This transmission may contain information that is privileged, confidential and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format. Thank you. A2
| From | Date | Subject | |
|---|---|---|---|
| Next Message | brew | 2003-09-28 11:26:34 | Re: HTTP_AUTH and SQL WHERE Clause |
| Previous Message | Luca Scaramella | 2003-09-26 16:43:35 | pg_loopen() unable to open large object |