Welcome to WebmasterWorld Guest from 54.197.116.116

Forum Moderators: coopster & jatar k

Message Too Old, No Replies

PHP user authorization

php

   
4:32 am on Jan 28, 2003 (gmt 0)

10+ Year Member



ok...i have this following script...and i always get unauthorized user even if i enter the corect username and password

<?php

$LOGIN = "User";
$PASSWORD = "password";

function error ($error_message) {
echo $error_message."<BR>";
exit;
}

if ( (!isset($PHP_AUTH_USER)) ! (($PHP_AUTH_USER == $LOGIN) && ( $PHP_AUTH_PW == "$PASSWORD" )) ) {
header("WWW-Authenticate: Basic entrer=\"Form2txt admin\"");
header("HTTP/1.0 401 Unauthorized");
error("Unauthorized access...");
}
?>

<!-- Add code of your web page here -->
webpage code

can anyone help me fix it?

5:20 am on Jan 28, 2003 (gmt 0)

10+ Year Member



Hey Sfar512,
according to the PHP manual [php.net] you should use:
$_SERVER["PHP_AUTH_USER"]
with more recent versions of PHP, I can't remember which one right now.
Anyway, you should try it.
5:29 am on Jan 28, 2003 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Welcome to WebmasterWorld [webmasterworld.com] Sfar512.

Be sure to read Marcia`s WebmasterWorld Welcome and Guide to the Basics [webmasterworld.com] post.

You should indeed use the superglobal $_SERVER when accessing the username and password.

Basic HTTP Authentication [faqs.org] is done according to RFC2617. There is no authentication parameter entrer defined in RFC2617. Instead the basic authentication scheme requires the realm parameter. If you use that your script should work.

Andreas