Re: [PHP-WIN] $PHP_AUTH_USER

[Ross Fleming]

Well it seemed to me that the $PHP_ variables were always set, just
sometimes blank.  Yes it's possible at php.net, it's where I got most of
the answer for.  I just used a bit of logic and searched for "empty" in
the function list, and it came up with that function.  The best way to
do it, I would say, is to download the pdf version of the manual (quite
a hefty download, but worth it) and search it for terms you think will
help u.  (ie searching for empty cos I knew I was looking for a function
that would tell me if a variable was empty or not)

As to your script, it looks to me as if that will allow you to have a
blank password, haven't tried it yet though, just at a first glance
that's my opinion.  I'd also use a database lookup instead of a text
file to hold the usernames and passwords.  a) more secure and b) easier
to control users.

Ross

morten wrote:
> 
> Hi again,
> 
> Cool, where do you find out those things. (emty instead of !isset). Is it
> possible at php.net?
> Meantime I also find som exsamples at webmonkey.org. They turn out to
> be good. And they - use 'isset'
> 
> <?php
> // File Name: auth03.php
> // Check to see if $PHP_AUTH_USER already contains info
> if (!isset($PHP_AUTH_USER)) {
>   // If empty, send header causing dialog box to appear
>   header('WWW-Authenticate: Basic realm="My Private Stuff"');
>   header('HTTP/1.0 401 Unauthorized');
>   exit;
> } else if (isset($PHP_AUTH_USER)) {
>   // If non-empty, open file containing valid user info
>   $filename = "text.txt";
>   $fp = fopen($filename, "r");
>   $file_contents = fread($fp, filesize($filename));
>   fclose($fp);
>   // Place each line in user info file into an array
>   $line = explode("\n", $file_contents);
>   // For as long as $i is <= the size of the $line array,
>   // explode each array element into a username and password pair
>   $i = 0;
>   while($i <= sizeof($line)) {
>     $data_pair = explode(":", $line[$i]);
>     if (($data_pair[0] == "$PHP_AUTH_USER") && ($data_pair[1] ==
> "$PHP_AUTH_PW")) {
>       $auth = 1;
>       break;
>     } else {
>       $auth = 0;
>     }
>     $i++;
>   }
>   if ($auth == "1") {
>     echo "<P>You're authorized!</p>";
>     exit;
>   } else {
>     header('WWW-Authenticate: Basic realm="My Private Stuff"');
>     header('HTTP/1.0 401 Unauthorized');
>     echo 'Authorization Required.';
>     exit;
>   }
> }
> ?>
> 
> Morten

-- 
PHP Windows Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]