On 21 February 2011 06:27, Ashim Kapoor <ashimkap...@gmail.com> wrote:
>  <?php
> if (!isset($_SERVER['PHP_AUTH_USER'])) {
>    header('WWW-Authenticate: Basic realm="My Realm"');
>    header('HTTP/1.0 401 Unauthorized');
>    echo 'Text to send if user hits Cancel button';
>    exit;
> } else {
>    echo "<p>Hello {$_SERVER['PHP_AUTH_USER']}.</p>";
>    echo "<p>You entered {$_SERVER['PHP_AUTH_PW']} as your password.</p>";
> }
> ?>
> Dear All,
> Above is a code example from php.net
> http://php.net/manual/en/features.http-auth.php
> What I am left wondering is the SEQUENCE OF FLOW of logic here. Assume a
> page has ONLY this code. Then the 1st time the if condition will branch into
> if part ( and not the else ) . Then it will send a header and ask for a
> username/password pair. When I enter that it is STILL in the IF part. How
> will it jump to the else part and authorize me UNLESS when I press enter it
> reloads the page. Maybe I am tired and not thinking straight. Would love to
> hear a clarification on this.

You are tired and not thinking straight. HTTP is a stateless thing: 1.
you request the page, but you're not authorized, hence you hit the
first part of the if. PHP does not wait for you to do anything, it
just runs through the script and sends back a page to you. 2. You
enter your auth details, once again requesting the same page. 3. PHP
now sees the auth header sent by your browser, hence hits the second
part of the if.


WWW: plphp.dk / plind.dk
LinkedIn: plind
BeWelcome/Couchsurfing: Fake51
Twitter: kafe15

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to