homepage Welcome to WebmasterWorld Guest from 54.226.191.80
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Home / Forums Index / WebmasterWorld / New To Web Development
Forum Library, Charter, Moderators: brotherhood of lan & mack

New To Web Development Forum

    
Header Authentication
doesnt work live
naiquevin




msg:3921566
 11:22 am on May 28, 2009 (gmt 0)

I am using Header authentication to enter the administrator page of my website..
While I developed and tested the site on localhost. it worked fine and still does..

But as I transfered all the files on my hosting provider, it tells me username and password wrong.. which I am sure cannot be wrong as it is in the script and I have access to it..

What might be the problem?

 

naiquevin




msg:3922183
 3:51 am on May 29, 2009 (gmt 0)

Ok ... I am using this code for authentication

<?php

// Username and Password for authorization

$username = 'somename';
$password = 'somepassword';

if(!isset($_SERVER['PHP_AUTH_USER']) !isset($_SERVER['PHP_AUTH_PW']) ($_SERVER['PHP_AUTH_USER'] != $username) ($_SERVER['PHP_AUTH_PW'] != $password)) {
// The username and password are incorrect and so send the authentication headers

header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate:Basic realm ="My website"');
exit('<div align="center"><h2> My website </h2> You must enter valid username and password to access this page.');

}

?>

jkovar




msg:3922940
 10:06 am on May 30, 2009 (gmt 0)

My guess is you're going from an Apache handler version of PHP on localhost, to an implementation of fastCGI on your live host that doesn't handle the PHP_AUTH_* variables the same.

I'm not sure how to fix it, but perhaps that will get you going in the right direction.

naiquevin




msg:3923303
 4:51 am on May 31, 2009 (gmt 0)

yes yes .... you are right. I was using XAMPP to test the site offline.
I dont have much knowledge of fastCGI , or even CGI for that matter

Any pointers?

enigma1




msg:3931183
 1:12 pm on Jun 11, 2009 (gmt 0)

right after the authorization headers dump the $_SERVER var and check the parameters it may help.

Although to avoid this kind of problem you could always setup the pw protection from your host's cpanel as this will protect the sub-folders too while the one you posted operates with the application script(s) only.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / WebmasterWorld / New To Web Development
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved