SitePoint Sponsor

User Tag List

Results 1 to 4 of 4
  1. #1
    SitePoint Zealot
    Join Date
    Jul 2002
    Posts
    173
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Script won't work with register_globals off

    It turns out this script will not work with PHP register_globals off ... any help appreciated in tweaking it ... so I can also study it to make changes in other scripts.

    Thank you very much.

    -----

    <?PHP

    // include this file where you want to limit access.

    $username = "test";
    $password = "123";

    function authenticate() {
    Header( "WWW-authenticate: basic realm=\"Protected\"");
    Header( "HTTP/1.0 401 Unauthorized");
    echo "You must enter a valid login ID and password!\n";
    exit;
    }

    function CheckPwd($user,$pass) {
    global $username,$password;
    return ($user != $username || $pass != $password) ? false : true;
    }

    if(!isset($PHP_AUTH_USER)) {
    authenticate();
    }
    elseif(!CheckPwd($PHP_AUTH_USER,$PHP_AUTH_PW)) {
    authenticate();
    }
    ?>

    <html>
    <head>
    <title>Authentication System</title>
    </head>
    <body bgcolor="#FFFFFF">
    <font face="Verdana, Arial" size="2"><b>Welcome,</b></font>
    <hr size="1" width="300" align="left">
    <font face="Verdana, Arial" size="2">You have
    authenticated successfully!</font>
    </body>
    </html>
    -------

    I tried these changes but no dice:

    function CheckPwd($_POST['username'], $_POST['password']) {
    return ($_POST['user'] != $_POST['username'], || $_POST['pass'] != $_POST['password']) ) ? false : true;
    }

    if(!isset($_SERVER['PHP_AUTH_USER'])) {
    authenticate();
    }
    elseif(!CheckPwd($_SERVER['PHP_AUTH_PW'])) {
    authenticate();
    }

    ARRRGGGHHHH!!!

    -RocketMan

  2. #2
    lean mean coding machine cosmo's Avatar
    Join Date
    Aug 2001
    Location
    the cosmos
    Posts
    463
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I can't spot any error your code. Are you sure you are using the right version of PHP. The superglobals exist only for versions 4.1.0 or later.
    Luthfur R. - Web Developer
    PHP Lite.com - Professional PHP Scripts and Web Applications
    Calendar Express 2 - Web Based Calendar and Event Publishing System

  3. #3
    SitePoint Zealot
    Join Date
    Jul 2002
    Posts
    173
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I am using PHP4.2.2 on my PC and PHP4.3.2 on my ISP's AIX Unix...BOTH with "Register_globals OFF".

  4. #4
    Non-Member coo_t2's Avatar
    Join Date
    Feb 2003
    Location
    Dog Street
    Posts
    1,819
    Mentioned
    1 Post(s)
    Tagged
    1 Thread(s)
    Try something like this(untested):


    PHP Code:
    <?php

    $myUserName 
    'shaggyLikes';
    $myPassword 'scoobySnacks';

    function 
    CheckPwd($myName$theirName$myPass$theirPass) {
        return (
    $myName != $theirName || $myPass != $theirPass) ? false true;
    }

    if(!isset(
    $_SERVER['PHP_AUTH_USER'])) 
    {   
    authenticate();
    }
    elseif(!
    CheckPwd($myUserName$_SERVER['PHP_AUTH_USER'], $myPassword$_SERVER['PHP_AUTH_PW'])) 
    {
        
    authenticate();
    }

    ?>
    --ed


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •