simple security ! but why does cancel let you in anyhow?

Dev Articles Community Forums Sponsor:

April 10th, 2004, 04:34 AM

lilleydn

Registered User

Join Date: Mar 2004

Posts: 11

Time spent in forums: < 1 sec
Reputation Power: 0

simple security ! but why does cancel let you in anyhow?

Hi I have inplemented some basic security which the code is below and works fine except one little flaw , The cancel button lets you in any how (okay perhaps it is big flaw)

Can some point me in the right direction?
Im happy to either close the browser or redirect to another page?

Any one suggest where and how i'd implement this.

<?php
include ('file:///F|/proj/htdocs/connection.php');
$authorized = FALSE;
if((isset($_SERVER['PHP_AUTH_USER']) AND isset($_SERVER['PHP_AUTH_PW'])) ){
mysql_select_db($DB_SECURITY_NAME);
$query = "SELECT username from $DB_USERS Where username ='{$_SERVER['PHP_AUTH_USER']}' and password = '{$_SERVER['PHP_AUTH_PW']}'";
//$query = "SELECT username from $DB_USERS Where username ='{$_SERVER['PHP_AUTH_USER']}' and password = PASSWORD('{$_SERVER['PHP_AUTH_PW']}')";
$result = mysql_query($query);
$row = mysql_fetch_array($result);
if($row){
$authorized = TRUE;
}
}
if(!$authorized){
header('WWW-Authenticate: BASIC realm ="My Web Site"');
header('HTTP/1.0 401 Unauthorized');
}
?>

Thanks & Regards
D.

Viewing: Dev Articles Community Forums > Programming > General Programming Help > simple security ! but why does cancel let you in anyhow?

« Previous Thread | Next Thread »

Thread Tools	Search this Thread
Email this Page	Search this Thread: Advanced Search
Display Modes	Rate This Thread
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode	Rate This Thread:

Posting Rules
You may not post new threads You may not post replies You may not post attachments You may not edit your posts vB code is On Smilies are On [IMG] code is On HTML code is Off

View Your Warnings | New Posts | Latest News | Latest Threads | Shoutbox

Forum Jump