如何使用PHP中的基本認證連接SQL查詢

Question

我想將我的基本授權與我的MySQL數據庫連接起來。實際上，我正在PHP中開發一個登錄REST API。目前，我在PHP授權腳本中硬編碼了我的用戶名和密碼，但我想連接到MySQL並使用基本授權的數據庫驗證用戶名和密碼。

這裏是我的代碼：

<?php 
// User name and password for authentication 

$username = 'admin'; 
$password = 'password'; 

if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW']) || 
    ($_SERVER['PHP_AUTH_USER'] != $username) || ($_SERVER['PHP_AUTH_PW'] != $password)) { 
    // The user name/password are incorrect so send the authentication headers 
    header('HTTP/1.1 401 Unauthorized'); 
    header('WWW-Authenticate: Basic realm="Guitar Wars"'); 
    exit('<h2>Guitar Wars</h2>Sorry, you must enter a valid user name and 
      password to access this page.'); 
} 
?> 

而且我想嵌入這樣的查詢：

$query = mysql_query("SELECT username FROM login WHERE username='$username' and password='$password'"); 

Answer 1

警告的mysql_query，mysql_fetch_array，的mysql_connect等擴展在PHP 5.5中棄用.0，它在PHP 7.0.0中被刪除。 應該使用MySQLi或PDO_MySQL擴展。

mysqli的編制聲明

1）首先連接數據庫和查詢與最後根據用戶的行給出的用戶名和密碼的數據庫數就可以知道用戶是否有效。

 //db connection 

     $servername = "localhost"; //host name 

     $username = "username"; //username 

     $password = "password"; //password 

     $mysql_database = "dbname"; //database name 

    //mysqli prepared statement 

     $conn = mysqli_connect($servername, $username, $password) or die("Connection failed: " . mysqli_connect_error()); 

     mysqli_select_db($conn,$mysql_database) or die("Opps some thing went wrong"); 

     $stmt = $conn->prepare("SELECT * FROM $tbl_name WHERE username=? and password=? "); 

     $stmt->bind_param('ss',$myusername,$mypassword); 

     The argument may be one of four types: 

     //i - integer 
     ///d - double 
     //s - string 
     //b - BLOB 
     //change it by respectively 

     $stmt->execute(); 
     $get_result =$stmt->get_result(); 

     $row_count= $get_result->num_rows; 

     if($row_count>0) 
     { 
      echo "valid user "; 
     } 
     else 
     { 
      echo "not valid user"; 

     }