Hi,
I am trying to authenticate a user using the 401 header, but I'm trying to compare the username and password entered by the user from 2 separate tables in the database. So first I have to select the ID of the matching row for username, then if theres a match to the password in the 2nd table from that ID they're authenticated:
My code below doesnt work, any ideas?
Thanks.
I am trying to authenticate a user using the 401 header, but I'm trying to compare the username and password entered by the user from 2 separate tables in the database. So first I have to select the ID of the matching row for username, then if theres a match to the password in the 2nd table from that ID they're authenticated:
My code below doesnt work, any ideas?
Thanks.
Code:
if (isset($PHP_AUTH_USER) && isset($PHP_AUTH_PW)) {
require("include/domaindb.php");
$dblink = mysql_connect($host, $username, $password) or die("Unable to connect to MySQL on $host.");
mysql_select_db($dbase) or die("Unable to select $dbase on $host.");
$sql = "SELECT PartnerID FROM clients WHERE email='".$PHP_AUTH_USER."'";
$result = mysql_query($sql, $dblink) or die(mysql_error());
$partnerid = mysql_result($result,0,"PartnerID");
$query = "SELECT passw FROM resellers WHERE PartnerID='".$partnerid."'";
$result = mysql_query($query, $dblink) or die(mysql_error());
$passw = mysql_result($result,0,"passw");
if ($PHP_AUTH_PW != $passw) {
header( '[URL unfurl="true"]WWW-Authenticate:[/URL] Basic realm="Private"' );
header( 'HTTP/1.0 401 Unauthorized' );
echo 'Authorization Required.';
exit;
} else {
echo '<P>You are authorized!</P>';
}
}