PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
Moderator: General Moderators
irishmike2004
Forum Contributor
Posts: 119 Joined: Mon Nov 15, 2004 3:54 pm
Location: Lawrence, Kansas
Post
by irishmike2004 » Thu Nov 18, 2004 7:32 pm
Greetings:
I am new to PHP programming and running PHP 5.0.2 on a mac ontop of apache 1.3 and been trying to implement the standard HTTP authentication code to use in a member only section in a very simple configuration, in other words the complete authentication will happen on the PHP page.
I have seen much code, but it doesn't seem to work in FireFox 1.0 which is my browser of choice. The target audience for the site is mac users and wanted to see if I could get some help fixing this or a better method for work around. The code I had available was:
Code: Select all
<?php
if ((!isset($PHP_AUTH_USER)) ||
(!isset($PHP_AUTH_PW)) ||
($PHP_AUTH_USER != "guest") ||
($PHP_AUTH_PW != "guest"))
{
header('WWW-Authenticate: Basic realm="Private Area"');
header("HTTP/1.1 401 Unauthorized");
print "This page requires authorisation.";
exit();
}
else
{
print "You're through to the secret page, was the effort worth it?";
}
?>
This page if you enter guest just re-spawns the login box... ideally we would make the page with a form and the authentication would happen from our form. Any Help is REALLY appreciated.
irishmike2004
Forum Contributor
Posts: 119 Joined: Mon Nov 15, 2004 3:54 pm
Location: Lawrence, Kansas
Post
by irishmike2004 » Thu Nov 18, 2004 10:53 pm
Thanks, same result with those variables... read the page no help. Still where I was though.
Weirdan
Moderator
Posts: 5978 Joined: Mon Nov 03, 2003 6:13 pm
Location: Odessa, Ukraine
Post
by Weirdan » Thu Nov 18, 2004 11:04 pm
irishmike2004 wrote: Thanks, same result with those variables... read the page no help. Still where I was though.
use this code:
Code: Select all
header('WWW-Authenticate: Basic realm="Private Area"');
header("HTTP/1.1 401 Unauthorized");
print "This page requires authorisation.";
echo '<pre>';
var_dump($_SERVER);
echo '</pre>';
and when it asks for password
second time press 'Cancel' and copy what it yields. Post the output here and then we'll be able to help you, perhaps.
irishmike2004
Forum Contributor
Posts: 119 Joined: Mon Nov 15, 2004 3:54 pm
Location: Lawrence, Kansas
Post
by irishmike2004 » Thu Nov 18, 2004 11:26 pm
Here is the output requested:
Code: Select all
This page requires authorization.
array(31) {
ї"DOCUMENT_ROOT"]=>
string(28) "/Library/WebServer/Documents"
ї"HTTP_ACCEPT"]=>
string(99) "text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5"
ї"HTTP_ACCEPT_CHARSET"]=>
string(30) "ISO-8859-1,utf-8;q=0.7,*;q=0.7"
ї"HTTP_ACCEPT_ENCODING"]=>
string(12) "gzip,deflate"
ї"HTTP_ACCEPT_LANGUAGE"]=>
string(14) "en-us,en;q=0.5"
ї"HTTP_CONNECTION"]=>
string(10) "keep-alive"
ї"HTTP_HOST"]=>
string(9) "127.0.0.1"
ї"HTTP_KEEP_ALIVE"]=>
string(3) "300"
ї"HTTP_USER_AGENT"]=>
string(87) "Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; rv:1.7.3) Gecko/20041001 Firefox/0.10.1"
ї"PATH"]=>
string(71) "/bin:/sbin:/usr/bin:/usr/sbin:/usr/libexec:/System/Library/CoreServices"
ї"REMOTE_ADDR"]=>
string(9) "127.0.0.1"
ї"REMOTE_PORT"]=>
string(5) "59256"
ї"SCRIPT_FILENAME"]=>
string(35) "/Users/jmikeneedham/Sites/login.php"
ї"SCRIPT_URI"]=>
string(61) "http://j-mike-needhams-computer.local/~jmikeneedham/login.php"
ї"SCRIPT_URL"]=>
string(24) "/~jmikeneedham/login.php"
ї"SERVER_ADDR"]=>
string(9) "127.0.0.1"
ї"SERVER_ADMIN"]=>
string(18) "їno address given]"
ї"SERVER_NAME"]=>
string(30) "j-mike-needhams-computer.local"
ї"SERVER_PORT"]=>
string(2) "80"
ї"SERVER_SIGNATURE"]=>
string(82) "
Apache/1.3.29 Server at j-mike-needhams-computer.local Port 80
"
ї"SERVER_SOFTWARE"]=>
string(32) "Apache/1.3.29 (Darwin) PHP/5.0.2"
ї"GATEWAY_INTERFACE"]=>
string(7) "CGI/1.1"
ї"SERVER_PROTOCOL"]=>
string(8) "HTTP/1.1"
ї"REQUEST_METHOD"]=>
string(3) "GET"
ї"QUERY_STRING"]=>
string(0) ""
ї"REQUEST_URI"]=>
string(24) "/~jmikeneedham/login.php"
ї"SCRIPT_NAME"]=>
string(24) "/~jmikeneedham/login.php"
ї"PATH_TRANSLATED"]=>
string(35) "/Users/jmikeneedham/Sites/login.php"
ї"PHP_SELF"]=>
string(24) "/~jmikeneedham/login.php"
ї"PHP_AUTH_USER"]=>
string(5) "guest"
ї"PHP_AUTH_PW"]=>
string(5) "guest"
}
Weirdan
Moderator
Posts: 5978 Joined: Mon Nov 03, 2003 6:13 pm
Location: Odessa, Ukraine
Post
by Weirdan » Thu Nov 18, 2004 11:38 pm
Code: Select all
<?php
if ((!isset($_SERVER['PHP_AUTH_USER'])) ||
(!isset($_SERVER['PHP_AUTH_PW'])) ||
($_SERVER['PHP_AUTH_USER'] != "guest") ||
($_SERVER['PHP_AUTH_PW'] != "guest"))
{
header('WWW-Authenticate: Basic realm="Private Area"');
header("HTTP/1.1 401 Unauthorized");
print "This page requires authorisation.";
exit();
}
else
{
print "You're through to the secret page, was the effort worth it?";
}
?>
should work.
irishmike2004
Forum Contributor
Posts: 119 Joined: Mon Nov 15, 2004 3:54 pm
Location: Lawrence, Kansas
Post
by irishmike2004 » Fri Nov 19, 2004 6:10 am
It worked... Thanks for the help