Basic authentication

Forum Moderators: coopster

Message Too Old, No Replies

Basic authentication

Text file/session

aspdaddy

8:15 pm on Jan 13, 2004 (gmt 0)

I want to password protect a /folder with a single password stored in a text file.

Files in the /folder will just #include a script to check the session is authenticated else redirect to the login page. The login page will set a session varaible by checking the password matches the one in the text file

Is this how it works in php? or is there a much easier way - Could someone give me start with the code.

Thanks

dmorison

8:31 pm on Jan 13, 2004 (gmt 0)

Yep - you've got it.

At the top of each page, you have something like:

session_register("auth");
if (!$auth)
{
header("Location: login.php");
exit();
}

and then the form processing part of login.php, assuming the password has been supplied in the form variable $password:

session_register("auth");
if ($password)
{
$fp = fopen("/somewhere/out/of/wwwroot/password.txt","r");
if (strtolower($password) == strtolower(trim(fgets($fp)))
{
$auth = TRUE;
header("Location: secretpage.php");
exit();
}
else
{
echo("Authentication failed.");
}
}
// login form

That's OTTOMH so apologies for syntactical errors; but it should give you a starting point.

aspdaddy

9:22 pm on Jan 13, 2004 (gmt 0)

Thanks - appreciated.

coopster

9:23 pm on Jan 13, 2004 (gmt 0)

Here are a couple of tutorials to get you off the ground:

h**p://www.zend.com/zend/spotlight/sessionauth7may.php
h**p://www.free2code.net/tutorials/programming/php/4/phplogin.php