PHP's HTTP authentication mechanism only works when PHP is running as an Apache module, so this feature is not available for CGI versions. In the Apache module PHP script, you can use the header () function to send the "authentication Required" message to the client browser, which pops up a username/Password Entry window. When the user enters the user name and password, the PHP script containing the URL will be called again with the predefined variables php_auth_user, PHP_AUTH_PW, and Auth_type, which are set to the user name, password, and authentication type, respectively. The predefined variables are saved in the $_server or $HTTP _server_vars array. The system only supports "basic" authentication
$authorized = FALSE;
if (Isset ($_server[' Php_auth_user ')) && isset ($_server[' PHP_AUTH_PW ']) {
$authFile = File ("./password.txt");
foreach ($authFile as $login) {
List ($username, $password) = Explode (":", $login);
$password = Trim ($password);
if ($username = = $_server[' Php_auth_user ') && ($password = = MD5 ($_server[' PHP_AUTH_PW '))) {
$authorized = TRUE;
Break
}
}
}
If not authorized, display authentication prompt or 401 error
if (! $authorized) {
Header (' Www-authenticate:basic realm= ' Secret Stash ');
Header (' http/1.0 401 Unauthorized ');
Print (' You must provide the proper credentials! ');
Exit
}
?>
http://www.bkjia.com/PHPjc/629712.html www.bkjia.com true http://www.bkjia.com/PHPjc/629712.html techarticle PHP's HTTP authentication mechanism only works when PHP is running as an Apache module, so this feature is not available for CGI versions. In the Apache module PHP script, you can use the header () function ...