I used Louis example (03-Jun-2006) and it works well for me (thanks).
However, I added some lines, to make sure, the user does only get the Authentification-Window a few times:
<?php
$realm = mt_rand( 1, 1000000000)."@YourCompany";
$_SESSION['realm'] = $realm;
$_SESSION['CountTrials'] = 1;
?>
And then when it comes to check the authentification (ZEND-Tutorial):
<?php
if (!$auth) {
$_SESSION['CountTrials']++;
if ($_SESSION['CountTrials'] == 4) {
session_destroy() ;
header('Location: noentry.php');
exit ;
} else {
header("WWW-Authenticate: Basic realm=".$_SESSION['realm']);
header("HTTP/1.0 401 Unauthorized");
echo 'Authorization Required.';
exit;
}
} else {
echo '<P>You are authorized!</P>';
}
?>
noentry.php is slightely different from comeagain.php.
