How can a static page be defined as a restricted page? When I look at identity authentication, the book mentions the concept of HTTP authentication, that is, if a user wants to read a protected resource, the server will return a 401, in this way, the browser will pop up a login window based on 401. This process is well simulated in PHP, for example: & nbsp; 3 $ usernamesnailhope; & nbsp; 4 $ password123 static page how to define a restricted page?
When I look at identity authentication, the book mentions the concept of HTTP authentication, that is, if a user wants to read a protected resource, the server will return a 401, in this way, the browser will pop up a login window based on 401. This process is well simulated in PHP, for example:
3 $ username = 'default ';
4 $ password = '000000 ';
5 // when you log on to this page, you must call the verification box because the USER and PW are not set.
6 if (! Isset ($ _ SERVER ['php _ AUTH_USER ']) |! Isset ($ _ SERVER ['php _ AUTH_PW '])
7 | $ _ SERVER ['php _ AUTH_USER ']! = $ Username | $ _ SERVER ['php _ AUTH_PW ']! = $ Password ){
8 // set this page to unauthorized access
9 header ('http/1.1 401 unauthorized ');
10 // call the verification box for logon verification
11 header ('www-Authenticate: Basic realm = "logon authentication "');
12 exit ('verification failed !!! ');
13}
I would like to ask, if there is no way to write code for a static page, how can I define a page as protected?
------ Solution --------------------
There is basically nothing to do with your above verification method. the experience is poor and the security is not high...
To control a page, you can use the include method after determining the permission or read the page content output.
The page can be placed outside the web directory.
Protection is done on the server unless you are developing cs.