Tutorials to .com

Tutorials to .com » Php » Others » PHP script of 8 skills (5) of the user authentication using PHP

PHP script of 8 skills (5) of the user authentication using PHP

Print View , by: iSee ,Total views: 7 ,Word Count: 644 ,Date: Mon, 20 Apr 2009 Time: 4:38 AM

If you want a script in each based on password protection, then you can joint use header () function and $ PHP_AUTH_USER, $ PHP_AUTH_PW global variables to create a basic authentication scheme. Usually based on the authentication server request / response round like this very much like the following:

1. The user to a Web server requesting a file. If the file in a protected area within the server document in response to add the first 401 (illegal users) as a response string.

2. To see the response to the browser after the pop-up username / password dialog box.

3. The user in the dialog box to enter a user name and password, and then click "Confirm" button to send the information back to the server.

4. If the user name and password valid, the document will be the protection of the user, and, as long as the user now has been proven within the protected areas. Certification process more effective.

A simple php script to mimic the HTTP authentication request / response system is sending the appropriate HTTP header to allow username / password dialog box automatically appear in the client's screen. PHP user input dialog box to the information stored in the $ PHP_AUTH_USER and $ PHP_AUTH_PW variables. The use of these variables, you can not in conformity with the username / password list kept testing to a text file, database or your own designated area of any

Note: $ PHP_AUTH_USER, $ PHP_AUTH_PW and $ PHP_AUTH_TYPE only three global variables in PHP was installed as a module to be effective. If you are using the CGI version of PHP, then you can only based on restricted. Htaccess authentication or authentication method based on the database, so you need to design HTML forms allow users to enter a user name and password again, for the validity of PHP.

This example shows the following two settings of the check, but in theory and in more than a user name and password to check there is no essential difference.

<?
/ * Check for values in $ PHP_AUTH_USER and $ PHP_AUTH_PW * /

if ((! isset ($ PHP_AUTH_USER)) | | (! isset ($ PHP_AUTH_PW))) (

/ * No values: send headers causing dialog box to appear * /
header ( 'WWW-Authenticate: Basic realm = "My Private Stuff"');
header ( 'HTTP/1.0 401 Unauthorized');
echo 'Authorization Required.';
exit;

) Else if ((isset ($ PHP_AUTH_USER)) & & (isset ($ PHP_AUTH_PW))) (

/ * Values contain some values, so check to see if they're correct * /

if (($ PHP_AUTH_USER! = "validname") | | ($ PHP_AUTH_PW! = "goodpassword")) (
/ * If either the username entered is incorrect, or the password entered is incorrect, send the headers causing dialog box to appear * /
header ( 'WWW-Authenticate: Basic realm = "My Private Stuff"');
header ( 'HTTP/1.0 401 Unauthorized');
echo 'Authorization Required.';
exit;
) Else if (($ PHP_AUTH_USER == "validname") | | ($ PHP_AUTH_PW == "goodpassword")) (
/ * If both values are correct, print success message * /
echo "<P> You're authorized! </ p>";
)
)
?>

Remember, when you are using file-based protection measures, not absolute in this way to protect the security blanket directory. It is better for you in terms of most people is obvious, but if your pop-up dialog box in between the brain and protection given to establish a connection between the directory, then you have to charge point to understand the process fresh.


php other Articles


Can't Find What You're Looking For?


Rating: Not yet rated

Comments

No comments posted.