What exactly is breaking? If it's the header to redirect, you could just issue a meta refresh, or a javascript one.
On Thu, 2004-03-18 at 12:38, Chris de Vidal wrote: > Microsoft broke IE 6.0 SP1 on XP in January, requiring this patch to be > able to log into our MySQL-authenticated website: > http://www.microsoft.com/downloads/details.aspx?FamilyId=254EB128-5053-48A7-8526-BD38215C74B2&displaylang=en > > Microsoft won't put out this patch into the regular XP updates (I guess > because many websites use an alternate method and it doesn't impact as > many people). You have to download it manually. > > Of course, this is generating many complaints and we even lost a few > customers; people believe we're requring them to install software just to > log in, when we're really just requiring they fix something Microsoft > broke. > > So I really need an alternate MySQL-authenticated method. Surely they exist? > > I have a login page on an SSL-enabled Apache server that (I don't admin). > > Here's my code (you can download a complete copy from > http://devidal.tv/~chris/mysql_auth.tar.bz2, including the SQL to create > the members table). > > login.php: > ========== > <html> > <head> > <?php > if ($_GET["login_failed"]) > { > ?> > <script language="JavaScript"> > <!-- > alert ("Incorrect email address or password!"); > // --> > </script> > <?php > } > ?> > </head> > <body> > <form method="post" action="edit_agent.php"> > <input type="text" name="email"> > <input type="password" name="password"> > <input type="submit" value="Log in"> > </form> > </body> > ======= > > edit_agent.php: > =============== > <?php > require_once ("open_db.php"); > require_once ("check_login.php"); > > echo "You won't be able to see this unless you have a valid login."; > > require_once ("close_db.php"); > ?> > ============================== > > check_login.php: > ================ > <?php > require_once ("valid_email.php"); > $email = $_POST["email"]; > if (!valid_email ($email)) > { > require_once ("close_db.php"); > header ("Location: login.php?login_failed=true"); > exit; > } > > // Only alphanumeric > $password = preg_replace ("/[^\w]/", "", $_POST["password"]); > > $query = " > SELECT ID > FROM members > WHERE Email = '$email' > AND Password = PASSWORD('$password') > AND Active = '1' > "; > > $result = @mysql_query ($query); > > // Only if we have matching records > if ([EMAIL PROTECTED] ($result) >= 1) > { > require_once ("close_db.php"); > header ("Location: login.php?login_failed=true"); > exit; > } > ?> > ===== > > valid_email.php: > ================ > <?php > function valid_email($email) > { > if (ereg ("^([^[:space:]]+)@(.+)\.(.+)$", $email)) > { > return TRUE; > } else { > return FALSE; > } > } > ?> > ===== > > open_db.php is just mysql_connect and mysql_select_db, while close_db.php > is just mysql_free_result and mysql_close. I've included them in the > tarball above as well as the SQL you will need if you want to try this for > yourself. > > Again, this code worked well until Microsoft broke IE. It still works if > you apply the patch that Microsoft isn't rolling out to everyone. > > I'd considered using Apache's .htaccess files, but I haven't tried > connecting that to MySQL for authentication. And I don't have admin > access on the box to install anything on the server. > > Ideas?? > /dev/idal > "GNU/Linux is free freedom." -- Me -- Adam Voigt [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
