Zone Six - PHP

I'll begin with something simple - using patUser to restrict access to a Web page. In this scenario, only users who provide appropriate credentials - a login name and password - will be allowed access to the page; all other users will simply be presented with an error message.

Here's the code:

<?php
// include classes
include("../include/patDbc.php"); include("../include/patUser.php");
include("../include/patTemplate.php");
// initialize database layer
$db = new patMySqlDbc("localhost", "db111", "us111", "secret");
// initialize template engine
$tmpl = new patTemplate();
$tmpl->setBasedir("../templates");
// initialize patUser
$u = new patUser(true);
// connect patUser to database/template engines
$u->setAuthDbc($db);
$u->setTemplate($tmpl);
// check credentials before displaying page
$uid = $u->requireAuthentication("displayLogin");
// restricted page goes here
?>
<html>
<head>
<basefont face="Arial">
</head>
<body>
<center>
<h2>Welcome to Zone 6!</h2>
<u>This is a restricted zone. Trespassers will be vaporized.</u> </center>
<p align="right">
Your user ID is <?=$uid?>
<br>
<a href="logout.php">Log out</a>
</body>
</html>

As you can see, the script above contains an HTML page which I'm assuming you want to restrict access to, surrounded with some fairly complicated code. The code is all explained a little further down, so don't worry too much about it just yet; instead, try accessing this page through your Web browser.

You should see something like this:



Try entering a random user name and password - since the database is currently empty, the system should barf and throw you back out with an error message.



Now, add a user to the "users" table,

INSERT INTO users (`uid`, `username`, `passwd`) VALUES ('', 'joe', 'joe');

and try logging in again with that username and password. This time, patUser should recognize that your credentials are valid and allow you access to the page.

>>> More PHP Articles          >>> More By icarus, (c) Melonfire

blog comments powered by Disqus