IBM

checkauth.inc

<?
   // 
   // This material contains IBM copyrighted sample programming source 
   // code DB2(R) UDB PHP Demo.  IBM grants you a nonexclusive copyright 
   // license to use the Sample Code as an example from which you can 
   // generate similar function tailored to your own specific needs.  
   // Your license to this Sample Code provides you no right or licenses 
   // to any IBM patents.
   // 
   // The Sample Code is provided by IBM for illustrative purposes 
   // only.  The Sample Code has not been thoroughly tested under 
   // all conditions.  IBM, therefore, does not  guarantee or imply 
   // its reliability, serviceability, or function.  IBM provides 
   // no program services for the Sample Code.
   //  
   // All Sample Code contained herein is provided to you "AS IS" without 
   // any warranties of any kind. THE IMPLIED WARRANTIES OF 
   // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE 
   // AND NON-INFRINGMENT ARE EXPRESSLY DISCLAIMED.  SOME 
   // JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED 
   // WARRANTIES, SO THE ABOVE EXCLUSIONS MAY NOT APPLY 
   // TO YOU.  IN NO EVENT WILL IBM BE LIABLE TO ANY PARTY 
   // FOR ANY DIRECT, INDIRECT, SPECIAL OR OTHER CONSEQUENTIAL 
   // DAMAGES FOR ANY USE OF THE SAMPLE CODE INCLUDING, 
   // WITHOUT LIMITATION, ANY LOST PROFITS, BUSINESS 
   // INTERRUPTION, LOSS OF PROGRAMS OR OTHER DATA ON 
   // YOUR INFORMATION HANDLING SYSTEM OR OTHERWISE, 
   // EVEN IF WE ARE EXPRESSLY ADVISED OF THE POSSIBILITY 
   // OF SUCH DAMAGES.
   // 
   // (C) Copyright IBM CORP. 2001
   // All rights reserved.
   // US Government Users Restricted Rights -
   // Use, duplication or disclosure restricted
   // by GSA ADP Schedule Contract with IBM Corp.
   // Licensed Material - Property of IBM	

   //////////////////////////////////////////////////////////////
   // iSeries Linux DB2/PHP/ODBC Demo
   // Written by Dave Boutcher (boutcher@us.ibm.com)
   //////////////////////////////////////////////////////////////
   // This PHP include maintains the session information for 
   // an ODBC connection to the iSeries system and checks that
   // the user is authenticated.
   //////////////////////////////////////////////////////////////
   include("functions.inc");

   // If we report the OS as AIX or OS400, assume we're running under PASE
   $isPase = (PHP_OS == "AIX" || PHP_OS == "OS400");

   // PHP call to start session services
   session_start(); 

   // See if an action was set either via a GET or POST operation
   if (isset($_GET["action"])) $action = $_GET["action"];
   else	if (isset($_POST["action"])) $action = $_POST["action"];
   else $action = '';

   // If the user asks to log out, clear everything
   if ($action == 'Logout') {
	session_unset();
	session_destroy();
	}

   // Get the system name from the session area
   if (!isset($_SESSION["isdb_system"])) $isdb_system = '';
   else $isdb_system = $_SESSION["isdb_system"];

   // Get the schema (database) name from the session area
   if (!isset($_SESSION["isdb_database"]))     $isdb_database = '';
   else $isdb_database = $_SESSION["isdb_database"];

   // See if a new system name was entered on a form
   if (isset($_POST["form_system"])) {
	$isdb_system = $_POST["form_system"];
	$_SESSION["isdb_system"] = $isdb_system;
   }

   // See if a new schema (database) name was entered on a form
   if (isset($_POST["form_database"])) {
        // Force the schema name to upper case (so DB2/400 is happy)
	$isdb_database = strtoupper($_POST["form_database"]);
	$_SESSION["isdb_database"] = strtoupper($_POST["form_database"]);
   }

   // If after all of that we don't have a good system or database,
   // or we got here from a button named "Retry", send the user to the 
   // login form.
   if ((!$isdb_system) || (!$isdb_database) || ($action == "Retry")) {
       session_unset();
       session_destroy();
       include("login.inc");
       exit;
   }
   
   // If we don't have a good user or password, force an authentication popup 
   // Disable for PASE, since it only works when running as a module
   if ( !$isPase &&
       ((!isset($_SERVER["PHP_AUTH_USER"])) || (!isset($_SERVER["PHP_AUTH_PW"])) ||
               (!$_SERVER["PHP_AUTH_USER"]) || (!$_SERVER["PHP_AUTH_PW"]))) {
       header("WWW-Authenticate: Basic realm=\"$isdb_system/$isdb_database\"");
       header('HTTP/1.0 401 Unauthorized');
       echo 'Authorization Required.';
       exit;
    } 

   // If we get this far, we have good system, schema, and user information
   // so connect to the database.
   $dsn = "DRIVER=iSeries Access ODBC Driver;SYSTEM=$isdb_system;DBQ=$isdb_database";
   if (!$isPase) {
      $db = odbc_pconnect($dsn, $_SERVER["PHP_AUTH_USER"], $_SERVER["PHP_AUTH_PW"]);
   } else {
      $db = odbc_connect($isdb_system, "", "");
   }
   if ($db == 0) {
      include("html_tophdr.inc");
      echo "<td><h1>Error connecting to system</h1>";
      echo "<p>An error occurred connecting to system " . $isdb_system . ", schema " . $isdb_database;
      echo "<p>The error was: " . odbc_errormsg();
      echo "<p><form method=\"POST\" action=\"index.php\"><input type=\"submit\" name=\"action\" value=\"Retry\">";
      include("html_mainftr.inc");
      exit;
   }
   if ($isPase) {
      if(!odbc_setoption($db, 1, SQL_ATTR_DBC_DEFAULT_LIB, $isdb_database)) {
          include("html_tophdr.inc");
          echo "<td><h1>Error setting default library</h1>";
          echo "<p>An error occurred setting the default library to  " . $isdb_database;	
          echo "<p>The error was: " . odbc_errormsg();
          echo "<p><form method=\"POST\" action=\"index.php\"><input type=\"submit\" name=\"action\" value=\"Retry\">";
          include("html_mainftr.inc");
          exit;	
      }
   }
?>

Source for this page: showsource.php