Section 7 building a simple interactive website (3)

Build a simple interaction website (3) 6. for password verification, you may want to put your photo set on your website and only want to show it to your friends. at this time, you need a password verification program. 6.1 How does one use PHP to implement password verification based on HTTP authentication? We can use a short PHP code and use the function header () to send HTTP Build a simple interaction website(3.)

6.Password verification

Maybe you want to put your photo set on your website, and you just want to show it to your friends. at this time, you need a password verification program.

6.1Based onHTTPVerify

How to usePHPTo implement the password verification function? We can use a shortPHPCode, using functionsHeader ()SendHTTPHeader Mandatory authentication. the client browser displays a dialog box for entering the user name and password. InPHPThe information entered by the client user is transmitted to the service.EndAutomatically saved in$ PHP_AUTH_USER, $ PHP_AUTH_PW,And$ PHP_AUTH_TYPEAmong the three global variables. With these variables, we can save the data files or users in the database according to the implementation.AccountInformation to verify the user identity. However, you must note thatApacheWhen the module is running,PHPOnly scripts can be used$ PHP_AUTH_USER, $ PHP_AUTH_PW,And$ PHP_AUTH_TYPEThese three variables. If you are usingCGIModePHPThereforeHTTP.

6.2Next, we will introduce in detail how to usePHPVerify the user identity.

In the following example,We use$ PHP_AUTH_USERAnd$ PHP_AUTH_PWThese two variables verify whether the entrant is valid and allow access. In this example, the user names and password pairs that are allowed to log on areTncAndNature:
If (!Isset($ PHP_AUTH_USER ))
{
Header ("WWW-Authenticate: Basic realm =" My Realm "");
Header ("HTTP/1.0 401 Unauthorized ");
Echo "Text to send if user hits CancelButtonn";
Exit;
}
Else
{
If (! ($ PHP_AUTH_USER ="Tnc"& $ PHP_AUTH_PW =" nature "))
{
//If the user name is incorrect/Password pair, force re-verification
Header ("WWW-Authenticate: Basic realm =" My Realm "");
Header ("HTTP/1.0 401 Unauthorized ");
Echo "ERROR: $ PHP_AUTH_USER/$ PHP_AUTH_PW is invalid .";
Exit;
}
Else
{
Echo "WelcomeTnc! ";
}
?>

In fact, in actual reference, it is unlikely that the user name shown in the code segment is used above./Password pairs. Instead, they are accessed using databases or encrypted password files.

6.3Verifies the user identity based on the specified authentication information

First, we can use the following code to determine whether the user has entered the user name and password, and display the information entered by the user.

Php

If (!Isset($ PHP_AUTH_USER )){

Header ('www-Authenticate: Basic realm = "My Private Stuff "');

Header ('http/1.0 401 unauthorized ');

Echo'Authorization Required .';

Exit;

}

Else {

Echo"

You have entered this username: $ PHP_AUTH_USER <Br>

You have entered this password: $ PHP_AUTH_PW <Br>

The authorization type is: $ PHP_AUTH_TYPE

";

}

?>

Note:
Isset() Function is used to determine whether a variable has been assigned a value. Returns the result based on whether the variable value exists.TrueOrFalse.
Header() Functions are used to send specificHTTPHeader. Note: UseHeader() Functions must be output in anyHTMLOrPHPCall this function before the code.

Although the above code is quite simple and does not validate the user name and password entered by the user based on any actual value, at least we understand how to usePHPIn the generate input dialog box on the client.

Next, let's take a look at how to verify the user identity based on the specified authentication information. The code is as follows:

Php

If (!Isset($ PHP_AUTH_USER )){

Header ('www-Authenticate: Basic realm = "My Private Stuff "');

Header ('http/1.0 401 unauthorized ');

Echo'Authorization Required .';

Exit;

}

Else if (Isset($ PHP_AUTH_USER )){

If ($ PHP_AUTH_USER! = "Admin") | ($ PHP_AUTH_PW! = "123 ")){

Header ('www-Authenticate: Basic realm = "My Private Stuff "');

Header ('http/1.0 401 unauthorized ');

Echo'Authorization Required .';

Exit;

} Else {

Echo"

You're authorized!

";

}

}

?>

Here, we first check whether the user has entered the user name and password. if not, a dialog box is displayed asking the user to enter the identity information. Then, we determine whether the information entered by the user matchesAdmin/123This specified userAccountTo grant the user access permission or prompt the user to enter the correct information again. This method applies to all users using the same loginAccount.

6.4Another simple password verification method

If you areWindows 98Write and run yourPHPScript, or you areLinuxNext, setPHPInstall oneCGIProgram, you will not be able to use the abovePHPProgram to implement the verification function. To this end, we provide you with another simple password verification method. Although it is not practical, it is good to learn it.
Php
$ Password = "123 ";

// Check password
If ($ pass! = $ Password)
{
Echo"</SPAN> <SPAN style = "FONT-SIZE: 9pt"> password management <SPAN lang = EN-US>";
Echo"";
}
Else
{
Echo"</SPAN> Congratulations, you have passed password verification <SPAN lang = EN-US>";
Echo "script";
Echo'Window. location= "Http://gophp.heha.net/test/index.php3 "';
#Page transferred after Password verification
Echo "script";

}
?>