homepage Welcome to WebmasterWorld Guest from
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Pubcon Gold Sponsor 2015!
Home / Forums Index / WebmasterWorld / New To Web Development
Forum Library, Charter, Moderators: brotherhood of lan & mack

New To Web Development Forum

Header Authentication
doesnt work live

5+ Year Member

Msg#: 3921564 posted 11:22 am on May 28, 2009 (gmt 0)

I am using Header authentication to enter the administrator page of my website..
While I developed and tested the site on localhost. it worked fine and still does..

But as I transfered all the files on my hosting provider, it tells me username and password wrong.. which I am sure cannot be wrong as it is in the script and I have access to it..

What might be the problem?



5+ Year Member

Msg#: 3921564 posted 3:51 am on May 29, 2009 (gmt 0)

Ok ... I am using this code for authentication


// Username and Password for authorization

$username = 'somename';
$password = 'somepassword';

if(!isset($_SERVER['PHP_AUTH_USER']) !isset($_SERVER['PHP_AUTH_PW']) ($_SERVER['PHP_AUTH_USER'] != $username) ($_SERVER['PHP_AUTH_PW'] != $password)) {
// The username and password are incorrect and so send the authentication headers

header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate:Basic realm ="My website"');
exit('<div align="center"><h2> My website </h2> You must enter valid username and password to access this page.');




5+ Year Member

Msg#: 3921564 posted 10:06 am on May 30, 2009 (gmt 0)

My guess is you're going from an Apache handler version of PHP on localhost, to an implementation of fastCGI on your live host that doesn't handle the PHP_AUTH_* variables the same.

I'm not sure how to fix it, but perhaps that will get you going in the right direction.


5+ Year Member

Msg#: 3921564 posted 4:51 am on May 31, 2009 (gmt 0)

yes yes .... you are right. I was using XAMPP to test the site offline.
I dont have much knowledge of fastCGI , or even CGI for that matter

Any pointers?


WebmasterWorld Senior Member 5+ Year Member

Msg#: 3921564 posted 1:12 pm on Jun 11, 2009 (gmt 0)

right after the authorization headers dump the $_SERVER var and check the parameters it may help.

Although to avoid this kind of problem you could always setup the pw protection from your host's cpanel as this will protect the sub-folders too while the one you posted operates with the application script(s) only.

Global Options:
 top home search open messages active posts  

Home / Forums Index / WebmasterWorld / New To Web Development
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved