SitePoint.com

esammons · Oct 29, 2004, 13:17

I am very new to Basic Auth in PHP. Thus far I have been doing basic auth from the web server itself. I am ready to move on.

The following code seems to work for my initial auth. However, I would like this one auth to suffice for pages and redirects called from "it".

Code:

<?
   function check_creds($user, $pass) {
      if (isset($user) && isset($pass) && $user === strrev($pass)) {
         return true;
      } else {
         return false;
      }
   }
                                                                                
?>
<?php
   if (! check_creds($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])) {
      header('WWW-Authenticate: Basic realm="Eric"');
      header('HTTP/1.0 401 Unauthorized');
      exit;
   }
?>
<?php
   header('Locaton: page2.php');
   exit();
?>

As you can see I am trying to get to page2.php after my auth. page2 is in the same directory as auth.php so I believe I have no issue here.

page2.php looks like this... I am certain it is completely wrong.

Code:

<?php
   require 'auth.php';
   if (! check_creds($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])) {
      header('WWW-Authenticate: Basic realm="Eric"');
      header('HTTP/1.0 401 Unauthorized');
      echo "<h1>You must authenticate</h1>";
      exit;
   }
?>
<H1>Arrived at Page 2</H1>

Does anyone have some pointers. I have tried using session_start and $_SESSION['user']... but either, again, I did something wrong or that just doesn't work.

samsm · Oct 29, 2004, 14:52

I like going with sessions.

My recommendation would be to try to get sessions working in the simplest way possible, then look at making a login around it.

PHP Code:


session_start(); // has to be before headers are sent

if (isset($_GET['var']))

{

   $_SESSION['test'] = $_GET['var'];

}

echo 'Session = ' . $_SESSION['test'];

So you make that page, call it test.php or something.
Access it via: test.php?var=working
Session = working should appear on the page.
Then access the page via just test.php
If you get the same message, you just got sessions working!

Oct 29, 2004, 13:17	#1
esammons SitePoint Member Join Date: Sep 2004 Location: Virginia Posts: 23	Trouble have CREDS carry over from page1 to page2 I am very new to Basic Auth in PHP. Thus far I have been doing basic auth from the web server itself. I am ready to move on. The following code seems to work for my initial auth. However, I would like this one auth to suffice for pages and redirects called from "it". Code: <? function check_creds($user, $pass) { if (isset($user) && isset($pass) && $user === strrev($pass)) { return true; } else { return false; } } ?> <?php if (! check_creds($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])) { header('WWW-Authenticate: Basic realm="Eric"'); header('HTTP/1.0 401 Unauthorized'); exit; } ?> <?php header('Locaton: page2.php'); exit(); ?> As you can see I am trying to get to page2.php after my auth. page2 is in the same directory as auth.php so I believe I have no issue here. page2.php looks like this... I am certain it is completely wrong. Code: <?php require 'auth.php'; if (! check_creds($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])) { header('WWW-Authenticate: Basic realm="Eric"'); header('HTTP/1.0 401 Unauthorized'); echo "<h1>You must authenticate</h1>"; exit; } ?> <H1>Arrived at Page 2</H1> Does anyone have some pointers. I have tried using session_start and $_SESSION['user']... but either, again, I did something wrong or that just doesn't work.

Oct 29, 2004, 14:52	#2
samsm SitePoint Wizard Join Date: Nov 2001 Location: Atlanta, GA, USA Posts: 5,059	I like going with sessions. My recommendation would be to try to get sessions working in the simplest way possible, then look at making a login around it. PHP Code: `session_start(); // has to be before headers are sent if (isset($_GET['var'])) { $_SESSION['test'] = $_GET['var']; } echo 'Session = ' . $_SESSION['test'];` So you make that page, call it test.php or something. Access it via: test.php?var=working Session = working should appear on the page. Then access the page via just test.php If you get the same message, you just got sessions working!

Thread Tools
Show Printable Version Email this Page
Display Modes
Switch to Linear Mode Hybrid Mode Switch to Threaded Mode