php authentication help please

WotDa

WotDa

WotDa

Soldato
Joined
6 Jun 2006
Posts
6,012
Location
Kent
So, I've been trying several ways of authentication for a section of my site, the htaccess/passwd route doesn't seem to work though. So, I went out and found a php script, the login box pops up ok, I enter the right user/pass but then it just loops, any ideas please?

This is the code. :)

Code: 
<?
//part 1
if (!isset($PHP_AUTH_USER)) 
{ 
    header("WWW-Authenticate: Basic realm=\"Login\""); 
    Header("HTTP/1.0 401 Unauthorized"); 
    exit; 
}     

//part 2
else if(($PHP_AUTH_USER=="user") && ($PHP_AUTH_PW=="password")) 
{ 
   echo "You got in...";
     
} 

//part 3
else  
{ 
   echo "<html><body bgcolor=ffffcc>Failed, please try again."; 
   //fail try again
} 
?>

Any other methods of securing a directory are very welcome, and thanks in advance. :)
 
think might need to see the rest of the code, you may need to set if the auth worked as a session like $_SESSION['PHP_AUTH'], remembering to use session_start() at the top of your scripts.

also htaccess may not be working as your isp may require you to encrypt your htpasswd file. if they use cpanel or similar you may even be able to setup password protected dirs from the GUI.
 
Your script appears to be relying on register_globals being turned on, which is bad practice. You should replace all the $PHP_AUTH_* variables with $_SERVER['PHP_AUTH_*'] and try again :)
 
paulhuk2 said:
Your script appears to be relying on register_globals being turned on, which is bad practice. You should replace all the $PHP_AUTH_* variables with $_SERVER['PHP_AUTH_*'] and try again :)
Click to expand...

Cool, thanks. I shall try that in a bit. :)
 
You must log in or register to reply here.
Back
Top Bottom