Voting

: three plus two?
(Example: nine)

The Note You're Voting On

idbobby at rambler dot ru
13 years ago
First of all, sorry for my English.
One more authorization script with logout solution.
In script given by meint_at_meint_dot_net (http://www.php.net/manual/en/features.http-auth.php#93859) rewrite_module is used. If there are any problems with that module and possibilities of administration of the web-server are restricted (including restrictions for use of .htaccess) then you can use this solution.

index.php
---------

<?php

$auth_realm
= 'My realm';

require_once
'auth.php';

echo
"You've logged in as {$_SESSION['username']}<br>";
echo
'<p><a href="?action=logOut">LogOut</a></p>'

?>

auth.php
--------

<?php

$_user_
= 'test';
$_password_ = 'test';

session_start();

$url_action = (empty($_REQUEST['action'])) ? 'logIn' : $_REQUEST['action'];
$auth_realm = (isset($auth_realm)) ? $auth_realm : '';

if (isset(
$url_action)) {
if (
is_callable($url_action)) {
call_user_func($url_action);
} else {
echo
'Function does not exist, request terminated';
};
};

function
logIn() {
global
$auth_realm;

if (!isset(
$_SESSION['username'])) {
if (!isset(
$_SESSION['login'])) {
$_SESSION['login'] = TRUE;
header('WWW-Authenticate: Basic realm="'.$auth_realm.'"');
header('HTTP/1.0 401 Unauthorized');
echo
'You must enter a valid login and password';
echo
'<p><a href="?action=logOut">Try again</a></p>';
exit;
} else {
$user = isset($_SERVER['PHP_AUTH_USER']) ? $_SERVER['PHP_AUTH_USER'] : '';
$password = isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : '';
$result = authenticate($user, $password);
if (
$result == 0) {
$_SESSION['username'] = $user;
} else {
session_unset($_SESSION['login']);
errMes($result);
echo
'<p><a href="">Try again</a></p>';
exit;
};
};
};
}

function
authenticate($user, $password) {
global
$_user_;
global
$_password_;

if ((
$user == $_user_)&&($password == $_password_)) { return 0; }
else { return
1; };
}

function
errMes($errno) {
switch (
$errno) {
case
0:
break;
case
1:
echo
'The username or password you entered is incorrect';
break;
default:
echo
'Unknown error';
};
}

function
logOut() {

session_destroy();
if (isset(
$_SESSION['username'])) {
session_unset($_SESSION['username']);
echo
"You've successfully logged out<br>";
echo
'<p><a href="?action=logIn">LogIn</a></p>';
} else {
header("Location: ?action=logIn", TRUE, 301);
};
if (isset(
$_SESSION['login'])) { session_unset($_SESSION['login']); };
exit;
}

?>

<< Back to user notes page

To Top