prob with php-authenticate

Forum Moderators: coopster

Message Too Old, No Replies

prob with php-authenticate

hafnius

9:25 pm on Jul 19, 2003 (gmt 0)

HI all

i have a small authenticate script at the top of my admin.php page. When this page is called i want it to send the user back to the refferer if the pw is wrong or empty, and let the user see the page if pw is correct - basic stuff i think, but not when it wont work.

I got this sofar, but i cant make it work like intended. Like it is now it wont load at all, it just loads the refferer.

Any thoughts welcome


<?
$userdescription = "admin";
$userpassword = "pw";if(!isset($PHP_AUTH_USER)) {
 Header("WWW-authenticate: Basic realm=foo");
 Header("HTTP/1.0 401 Unauthorized");
 Header("location: $HTTP_REFERRER");
 exit();
}else {
 if(!( $userdescription == $PHP_AUTH_USER and $userpassword = $PHP_AUTH_PW )) {
 Header("WWW-authenticate: Basic realm=foo");
 Header("HTTP/1.0 401 Unauthorized");
Header("location: $HTTP_REFERRER");
 exit();
 }
 //otherwise ok
}
?>

Kind Regards
Hafnius

Birdman

3:43 am on Jul 20, 2003 (gmt 0)

I think you need to call the server variables like this:

$SERVER[HTTP_REFERRER]

Or something like that. Php.net has it all documented.

Birdman

hafnius

3:48 am on Jul 20, 2003 (gmt 0)

Thanks Birdman

I think youre right after i have lokked in to it. i will check php.net for the answer.

Regards
Hafnius

hakre

9:30 am on Jul 20, 2003 (gmt 0)

one quick shot: if php is running in cgi mode, this won't work, sapi is needed for php to allow using authentication.

in your example it seems that your script is executed just from top to down until the redirect and exit. that means probably authentication via php is not supported.

an example of a working code can be found in the docs at php.net [php.net].

-hakre