PHP-Projekt/Testdatenbank

<?php
phpinfo();
?>

<?php

### Name          database.md.base.inc.php
### Description   Standard variables and functions with database "md"

require("server.mysql.inc.php");

### VARIABLES ###

$database   = "md";
$connection = mysqlconnection("{$database}",
                              "database.{$database}.password.inc.php")
                or mysqldie("Unable to connect");
?>

<?php

### Name          database.md.password.inc.php
### Description   

### VARIABLES ###

## Doesn't work if $mysqlhost = "kanzler"
## "localhost" or "127.0.0.1" or "" are OK
## also check "bind-address" in file "/etc/mysql/my.cnf"

$mysqlhost     = "localhost";   # name of host on which Mysql is running
$mysqluser     = "root";        # Mysql user
$mysqlpassword = "xxxxxx";      # password
?>

<?php

## Name          server.mysql.inc.php
## Description   Basic MySQL input and output functions


### FUNCTIONS ###

## Connecting with MySQL, activating database "md"; in case of a
## connection error, show a complete HTML document with a short error message
function mysqlconnection($mysqldatabase, $passwordfile) {
  ## In order to increase the security of this project, 
  ## move database.md.password.inc.php to another directory which is protected
  ## against general download by .htaccess and change the include line accordingly
  require($passwordfile);
  ## "@" suppresses PHP error messages in case of connection error
  $connection = @mysql_connect($mysqlhost, $mysqluser, $mysqlpassword);
  if ($connection) {
    mysql_select_db($mysqldatabase);
    return $connection;
  }
  ## In case of connection error show complete HTML file with error message
  else {
    echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.0//EN\">";
    echo "<html>";
    echo "<head>";
    echo "<title>No connection</title>";
    echo "</head>";
    echo "<body>";
    echo "<p>No connection to database</p>";
    echo "</body>";
    echo "</html>";
    ## Quit PHP interpreter
    exit();
  }
}

function mysqldie($errortext)
{
  $message = mysql_error();
  $number  = mysql_errno();
  return  "[{$errortext}] ( {$number} : {$message} )<br />\n";
  exit;
}

function mysqlinsert($tarray) {
  ## number of insert fields
  $noif   = count($tarray["insert"]);
  $insert = "insert into {$tarray["t"]} (";
  for ($i = 0; $i < $noif; $i++) {
    $insert .= $tarray["fname"][$tarray["insert"][$i]];
    if ($i < $noif - 1) {
      $insert .= ",";
    }
  }
  $insert .= ") values (";
  for ($i = 0; $i < $noif; $i++) {
    $insert .= "'{$tarray["fvalue"][$tarray["insert"][$i]]}'";
    if ($i < $noif - 1) {
      $insert .= ",";
    }
  }
  $insert .= ")";
  return $insert;
}

function mysqlselect($resultfields, $tarray) {
  ## number of clauses
  $noc    = count($tarray["clause"]);
  ## number of select fields
  $nosf   = count($resultfields);
  $select = "select ";
  for ($i = 0; $i < $nosf; $i++) {
    $select .= $tarray["fname"][$resultfields[$i]];
    if ($i < $nosf - 1) {
      $select .= ",";
    }
  }
  $select .= " from {$tarray["t"]} where ";
  for ($i = 0; $i < $noc; $i++) {
    $select .= $tarray["fname"][$tarray["clause"][$i]];
    $select .= " = '{$tarray["fvalue"][$tarray["clause"][$i]]}'";
    if ($i < $noc - 1) {
      $select .= " and ";
    }
  }
  return $select;
}

?>

<?php

## Name          mysql_authentification.php
## Description   

### FUNCTIONS ###

function authenticate() 
{
  header('WWW-authenticate: basic realm="Musikdatenbank"');
  header('HTTP/1.0 401 Unauthorized');
  echo <<<INFO
  Du benoetigst einen gueltigen Benutzernamen
  ...
INFO;
  exit;
}

##### MAIN PROGRAM #####

if(!isset($_SERVER['PHP_AUTH_USER'])) 
{
  authenticate();
} 
else 
{
  include("base/database.md.base.inc.php");
  $id    = strtolower($_SERVER['PHP_AUTH_USER']);
  $query = mysql_query("
    SELECT * FROM t_authentication  
     WHERE f_authentication_name     = '$id' 
       AND f_authentication_password = '{$_SERVER['PHP_AUTH_PW']}'
    ");
  if(!mysql_num_rows($query)) 
  {
    authenticate();
  }
} 
?>