Hello,
I think that it wil be very useful to authenticate via the mysql (or
generally the database server) authentication system, instead of
dadabik's user table.
Actually the mysql user is always the same (the one you specify in
'include/config.php'), while the dadabik user is the one you specify
in the login form. This implies that you have to take care of updating
dadabik's user table while handling users account, and you can't take
all the advantages given by the very sophisticated mysql privilege
system.
I made some changes in 'include/config.php' to overcome this
problem, substitute the lines where you specify user name and password
(the variables are $user and $pass) with:
//--------------------------------------------------------------------
if (!isset($_SERVER['PHP_AUTH_USER'])) {
header('WWW-Authenticate: Basic realm="$db_name"');
header('HTTP/1.0 401 Unauthorized');
echo 'Access denied.';
exit;
}
// database user
$user = $_SERVER['PHP_AUTH_USER'];
// database password
$pass = $_SERVER['PHP_AUTH_PW'];
//--------------------------------------------------------------------
I would really appreciate the possibility of authenticate via mysql in
future versions, maybe with a variable switch to choose which is
the authentication system to be used.
