Http authentication - dreamhost and php

software development

#1

Hi

I am trying to teach myself PHP by following the examples in this book:

http://lpmj.net/

I’ve uploaded the example12-2.php file to my domain but it doesn’t work. Code as follows:

[php]<?php
$username = ‘admin’;
$password = ‘letmein’;

if (isset($_SERVER[‘PHP_AUTH_USER’]) &&
isset($_SERVER[‘PHP_AUTH_PW’]))
{
if ($_SERVER[‘PHP_AUTH_USER’] == $username &&
$_SERVER[‘PHP_AUTH_PW’] == $password)
echo “You are now logged in”;
else die(“Invalid username / password combination”);
}
else
{
header(‘WWW-Authenticate: Basic realm=“Restricted Section”’);
header(‘HTTP/1.0 401 Unauthorized’);
die (“Please enter your username and password”);
}
?>
[/php]

The problem does not seem to be with the code as it is working here:

http://lpmj.net/12/example12-2.php

Thanks in advance to anyone who can help.


#2

Some quirks of our environment end up causing authentication data to not be passed to PHP. I believe there is a way to work around this using SetEnv .htaccess rules, but I can’t find it offhand.

That being said, HTTP user authentication is generally not considered best practices to support logins on your site, as it has a number of unavoidable drawbacks. (For instance, the login form cannot be customized, and there is no way to allow or require users to log out, short of changing their password.) Session-based logins are standard practice online today — I don’t have a copy of the book, but judging from the examples, those should be covered later in the chapter.


#3

Thanks for the reply.

There is another more sophisticated login example later in the book, but this also gives me an error:

[php]

<?php // Example 21-7: login.php include_once 'header.php'; echo "

Please enter your details to log in

"; $error = $user = $pass = ""; if (isset($_POST['user'])) { $user = sanitizeString($_POST['user']); $pass = sanitizeString($_POST['pass']); if ($user == "" || $pass == "") { $error = "Not all fields were entered
"; } else { $query = "SELECT user,pass FROM members WHERE user='$user' AND pass='$pass'"; if (mysql_num_rows(queryMysql($query)) == 0) { $error = "Username/Password invalid

"; } else { $_SESSION['user'] = $user; $_SESSION['pass'] = $pass; die("You are now logged in. Please " . "click here to continue.

"); } } } echo <<<_END $error Username
Password _END; ?>
 
[/php]

The error is:

Can’t connect to local MySQL server through socket ‘/var/run/mysqld/mysqld.sock’ (2)


#4

That one looks like it’s simply incomplete. It’s missing a call to the mysql_connect() function, in which you will need to specify the database name, hostname, username, and password to a MySQL database.

You can set up a MySQL database in the DreamHost Panel under “Goodies > MySQL Databases”.