484 Part IV . Development } function authenticate($user,$pass)
484 Part IV . Development } function authenticate($user,$pass) { # This subroutine looks up the grants for the given # user/host pair. $query = SELECT session FROM user_table WHERE user = $user AND pass = password( $pass ) ; $result = mysql_query($query) or die ( Query failed ); $num = mysql_num_rows($result); if ($num == 0) { print Username and/or password incorrect
n ; exit; } else { $row = mysql_fetch_array($result); # Create a pseudo-random session id. srand((double)microtime()*99999999); $id = md5(rand(0,9999999)); # Encrypt the username $encuser = md5($user); # Get rid of the result, so I can send another query mysql_free_result($result) or die ( An error was encountered ); $time = time(); $query = UPDATE user_table SET session = $id ,timestamp = $time WHERE user = $user ; $result = mysql_query($query) or die ( UPDATE failed! ); setcookie( cookie_session , $id ,time()+60, / , ,0); setcookie( cookie_user , $encuser ,time()+60, / , ,0); print You have been successfully logged in
; } } # End function authenticate ?> Examination of the code reveals that many of the functions (and some of the logic) previously discussed in this chapter are incorporated into the program. A couple of snippets call for a closer look: One encrypts an otherwise-plaintext username before returning it to the browser; the other clears the memory associated with a result.
We recommend you use shared web hosting services, because many users agree that it is cheap, reliable and customer-satisfying webhost.