| Re: Query about WWW-Authenticate: Basic and bad UserID/Password recovery [message #178350 is a reply to message #178349] |
Sun, 10 June 2012 20:52   |
Jerry Stuckle
Messages: 2598
Registered: September 2010
Karma:
|
Senior Member |
|
|
On 6/10/2012 4:14 PM, Robert Rosenberg wrote:
> Per the samples I have seen in manuals and on the php,net site I store the
> header statements in a if(!isset($_SERVER['PHP_AUTH_USER'])) delineated
> section.
>
> I test the supplied UserID and Password to see if they are a valid pair. My
> problem is that when they are not (right now I have a hard coded pair to use
> in my testing) I issue an error message and have the user try again (by
> having the page relaunched via a link). The problem is that the IF sees that
> the UserID is already set (to the bad value) and thus will not reissue the
> login menu. How do I invalidate the stored value so that the IF will return
> TRUE and thus cause the menu to be issued? I tried adding a
> $_SERVER['PHP_AUTH_USER'])=""; or a unset($_SERVER['PHP_AUTH_USER']); in my
> error routine (with the link) I still do not get the the menu.
>
> Please Help.
>
> Thank you.
>
These values are set by the server. You can change them, but only for
the currently running script.
So, you need another way of doing it. One way is to set a value in the
$_SESSION array to something when the user is logged in, and test it
instead. Once you get a correct userid and password, set this value.
If the value isn't set, display the login page. Once it is set,
continue on.
BTW, I think most PHP programmers don't use the Apache userid/password.
It's OK if you're using Apache authentication, but that's about it.
The rest just put up a page with userid and password and handle it from
there. It takes Apache out of the equation and gives you full control
(i.e. you can put a "forgot password" link on the page, or a "register"
link if they haven't registered yet).
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex(at)attglobal(dot)net
==================
|
|
|
|
Calendar
Search
Help
Members
Register
Login
Home
]