> $sql = ("SELECT * FROM tbl_authenticate WHERE username =
> '$PHP_AUTH_USER' AND password = '$PHP_AUTH_PW'");
>
There's no need for the parens around the quoted value.
> The Problem is on the $sql line when i put in the string to do
> the Query with the WHERE clause having the $HTTP_AUTH_USER and
> $HTTP_AUTH_PW. When i change it to '$_SERVER['HTTP_AUTH_USER']'
> and '$_SERVER['HTTP_AUTH_PW']' it does not work and i get a parse error.
So the new assignment looks like this:
$sql= "SELECT * FROM tbl_authenticate WHERE username =
'$_SERVER['HTTP_AUTH_USER']' AND password = '$_SERVER['HTTP_AUTH_PW']'";
The problem is that PHP doesn't know what you are trying to do here.
"'$_SERVER['HTTP_AUTH_PW']'" could mean "'(the value of
$_SERVER)['HTTP_AUTH_PW']'" or what you intend. To get around that you need
to enclose array elements (as well as other complex type structures like
$myObject->property ) with braces (or place them outside the quoted value.
The former:
$sql= "SELECT * FROM tbl_authenticate WHERE username =
'{$_SERVER['HTTP_AUTH_USER']}' AND password = '{$_SERVER['HTTP_AUTH_PW']}'";
and the later:
$sql= "SELECT * FROM tbl_authenticate WHERE username =
'".$_SERVER['HTTP_AUTH_USER']."' AND password =
'".$_SERVER['HTTP_AUTH_PW']."'";
I prefer the later since it's a bit easier to read IMO.
HTH
Rod
