ID: 1
Viewed: 4087
Added: Nov 13, 2001
Version:
Snippet uploaded by: snippet
Written By: snippet
Demo: Sorry, no demo
Thank you for your vote. Please wait...
It appears you already voted for this snippet
It appears your vote value was empty
You can use an existing .htpasswd file with your PHP-based authentication scripts by using a combination of the substr() and the crypt() function to match the value entered by the user for $PHP_AUTH_PW, and an entry in the .htpasswd file.
<!---Head--->
none
<!---Body--->
<?
If (!isset($PHP_AUTH_USER)) {
header('WWW-Authenticate: Basic realm="Private"');
header('HTTP/1.0 401 Unauthorized');
echo 'Authorization Required.';
Exit;
} Else If (isset($PHP_AUTH_USER)) {
$filename = "/path/to/.htpasswd";
$fp = fopen($filename, "r");
$file_contents = fread($fp, filesize($filename));
fclose($fp);
// Place each line in user info file into an array
$Line = explode("n", $file_contents);
// For as long as $i is less than the size of the $line array,
// explode each array element into a use\r\name and password
// pair and attempt to match to $PHP_AUTH_USER and
// $PHP_AUTH_PW values
$i = 0;
While($i <= sizeof($Line)) {
$data_pair = explode(":", $Line[$i]);
If ($data_pair[0] == "$PHP_AUTH_USER") {
// get salt from $data_pair[1]
$salt = substr($data_pair[1], 0, 2);
// encrypt $PHP_AUTH_PW based on $salt
$enc_pw = crypt($PHP_AUTH_PW, $salt);
// try to match encrypted passwords
If ($data_pair[1] == "$enc_pw") {
$auth = 1;
break;
} Else {
$auth = 0;
}
} Else {
$auth = 0;
}
$i++;
}
// check value of $auth
If ($auth == "1") {
echo "You're authorized!
";
} Else {
header('WWW-Authenticate: Basic realm="Private"');
header('HTTP/1.0 401 Unauthorized');
echo 'Authorization Required.';
Exit;
}
}
?>
No Comments to show
Please completely fill out the form below if you want to review this snippet. All reviews are subject to validation.
Adding your comment. Please wait...
Thanks for adding your comment!. After further review it will be added.
There was a problem adding your comment. Please try again.
Please complete all the fields in the form before sending.