HTTP Authentication

Status
Not open for further replies.
thephoenics

thephoenics

New Member
Messages
12
Reaction score
0
Points
0
dear sir,

I am using Intermediate PHP Plan. I wish to use HTTP Authentication for my site, as it is really important to provide some security features. I am planning to implement it using PHP. I see here that HTTP Authentication is not possible using this. Can you please help me in this regard sir.

This is the code I use.

<?
if(!isset($_SERVER["PHP_AUTH_USER"]) || $_GET["logout"]) {
header("WWW-Authenticate: Basic realm=\"My Realm\"");
header("Status: 401 Unauthorized");
header("HTTP-Status: 401 Unauthorized");
if($_GET["logout"]) echo "You have logged out.\n";
else echo "Text to send if user hits Cancel button\n";
exit;
}
else {
echo "Hello " . $_SERVER["PHP_AUTH_USER"] . ".<BR>";
echo "You entered " . $_SERVER["PHP_AUTH_PW"] . " as your password.
";
echo "<a href=$PHP_SELF?logout=1>Click here to logout</a>";
}
?>
Click to expand...
I feel that it is because of some CGI / Apache Mod thing. The HTTP Authentication apparently doesn't work in CGI Mode.
I would be really glad if you could help me in this matter,

Thank you sir,

Regards,
Kiran
 
Last edited:
Jarryd

Jarryd

Community Advocate
Community Support
Messages
5,534
Reaction score
43
Points
48
Well, i am sorry that i can't help you with that, i am sure someone will come help you... i am posting this to say, well done on someone putting some protection in =] I've seen some weak php sites... ones that are unsafe, and i would wanna hope that if i signed up, my personal data didn't get stolen..So well done! And good luck.
 
thephoenics

thephoenics

New Member
Messages
12
Reaction score
0
Points
0
http://labs.spaceshipnofuture.org/icky/HTTP authentication with PHP-CGI/

Sir, I have found out the solution for the problem. As the PHP is in CGI mode, one way is to make it in Apache Mod mode. Else, we can also use the example in the above link. Here, it needs to use .htaccess and the ReWrite Module installed. I would be glad if you could tell me if it is installed on x10hosting sites.

I would be really grateful if you could guide me in this regard.

Regards,
Kiran
 
A

athiwatc

New Member
Messages
155
Reaction score
0
Points
0
Hellsheep said:
Well, i am sorry that i can't help you with that, i am sure someone will come help you... i am posting this to say, well done on someone putting some protection in =] I've seen some weak php sites... ones that are unsafe, and i would wanna hope that if i signed up, my personal data didn't get stolen..So well done! And good luck.
Click to expand...

Yap there is a lots of PHP site that have hole in it lots of then i can hack easy
 
Status
Not open for further replies.
Top