On 23/10/06, Jochem Maas <[EMAIL PROTECTED]> wrote:
Dotan Cohen wrote:... > Thanks for any and all input. // here is a completely different way of doing it: function setSimplePageProtectionDetails($login, $pwd, $makeSha1Hash = false) { if (!defined('SIMPLE_AUTH_PW') && !defined('SIMPLE_AUTH_USER')) { if (!$login || !$pwd) { return 0; } define('SIMPLE_AUTH_USER', $login); define('SIMPLE_AUTH_PW', ($makeSha1Hash ? sha1($pwd) : $pwd)); } return -1; } function simplePageProtection($token = null, $realm = null) { if (!defined('SIMPLE_AUTH_PW') || !defined('SIMPLE_AUTH_USER')) { die('required authentication details are not configured - unable to grant access to anyone.'); } if (($token === null) || !$bla = strval($token)) $bla = 'micrositedefault'; $token = 'access_to_'.$bla.'_granted'; if (! ($realm = strval($realm))) $realm = "Please login"; if (!isset($_SESSION[ $token ]) || !$_SESSION[ $token ]) { $_SESSION[ $token ] = false; $login = isset($_SERVER[ 'PHP_AUTH_USER' ]) ? $_SERVER[ 'PHP_AUTH_USER' ]: false; $pass = isset($_SERVER[ 'PHP_AUTH_PW' ]) ? $_SERVER[ 'PHP_AUTH_PW' ]: false; if (strtolower(trim($login)) == strtolower(trim(SIMPLE_AUTH_USER)) && sha1($pass) === SIMPLE_AUTH_PW) { $_SESSION[ $token ] = true; } else { header('WWW-Authenticate: Basic realm="'.$realm.'."'); header('HTTP/1.0 401 Unauthorized'); exit; } } } // configure page protection setSimplePageProtectionDetails('your_login', 'your_pwd', true); // alternative page protection (using literal sha1 hash of the string 'your_pwd') // setSimplePageProtectionDetails('your_login', '0eb9a6a3306220b901c7b4920cd9896899f219be'); // activate page protection simplePageProtection('your_token', 'your_realm');
Thanks, I had considered http authentication and decided against it as I am not familiar with it. By your example, I learn. Thank you. Dotan Cohen http://what-is-what.com/what_is/linux.html http://technology-sleuth.com/question/what_is_a_router.html -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
