Postgres Pro
Downloads
Home   >   mailing lists

HTTP_AUTH and SQL WHERE Clause - Mailing list pgsql-php

From Seader, Cameron
Subject HTTP_AUTH and SQL WHERE Clause
Date
Msg-id 71B8A8BEC516CF46835CA629156CF21163F5CE@bedford.idacorp.local
Whole thread Raw
Responses Re: HTTP_AUTH and SQL WHERE Clause  (brew@theMode.com)
Re: HTTP_AUTH and SQL WHERE Clause  ("Rod K" <rod@23net.net>)
List pgsql-php
Tree view 
Hey Folks,
I am having trouble with some variables the $HTTP_AUTH_USER and $HTTP_AUTH_PW - now im useing PHP 4.3.3 and so i know
thatyou have to use $_SERVER['HTTP_AUTH_USER'] and $_SERVER['HTTP_AUTH_PW'] instead of the old way now. Well i am
havingtrouble with this script i have created to authenticate user name and password and verify against a postgresql
databasebelow.  

$auth = false; // Assume user is not authenticated

if (isset( $_SERVER['PHP_AUTH_USER'] ) && isset($_SERVER['PHP_AUTH_PW'])) {

// Connect to MySQL

pg_pconnect("host=172.18.204.64 port=5432 dbname=acquisuite_db user=pgadmin password=pgadmin") or die ( 'Unable to
connectto server.' );  

// Select database on MySQL server

// mysql_select_db( 'your_db' )
// or die ( 'Unable to select database.' );

// Formulate the query

$sql = ("SELECT * FROM tbl_authenticate WHERE username = '$PHP_AUTH_USER' AND password = '$PHP_AUTH_PW'");

// Execute the query and put results in $result

$result = pg_exec( $sql )
or die ( 'Unable to execute query.' );

// Get number of rows in $result.

$num = pg_num_rows( $result );

if ( $num != 0 ) {

// A matching row was found - the user is authenticated.

$auth = true;

}

}

The Problem is on the $sql line when i put in the string to do the Query with the WHERE clause having the
$HTTP_AUTH_USERand $HTTP_AUTH_PW. When i change it to '$_SERVER['HTTP_AUTH_USER']' and '$_SERVER['HTTP_AUTH_PW']' it
doesnot work and i get a parse error.  
How can i get around this?
does anyone have any ideas for me.
Thanks

Cameron Seader
CSeader@Idahopower.com



[INFO] -- Access Manager:
This transmission may contain information that is privileged, confidential and/or exempt from disclosure under
applicablelaw.  If you are not the intended recipient, you are hereby notified that any disclosure, copying,
distribution,or use of the information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. If you
receivedthis transmission in error, please immediately contact the sender and destroy the material in its entirety,
whetherin electronic or hard copy format.  Thank you.   A2

pgsql-php by date:

Previous
From: "Luca Scaramella"
Date:
Subject: pg_loopen() unable to open large object
Next
From: brew@theMode.com
Date:
Subject: Re: HTTP_AUTH and SQL WHERE Clause