Quick Search:
CODE
Oracle PL/SQL Code Library
JOBS
Find Or Post Oracle Jobs
FORUM
Oracle Discussion & Chat
 PHP Code: Use htpasswd file with PHPscripts Jump to:  
Category: >> PHP Code >> Use htpasswd file with PHPscripts Bookmark and Share

<< lastnext >>

Snippet Name: Use htpasswd file with PHPscripts

Description: This is a way to use an existing .htpasswd file with your PHP-based authentication scripts by using a combination of the substr() and the crypt() function to match the value entered by the user for $PHP_AUTH_PW, and an entry in the .htpasswd file.

Comment: (none)

Language: PHP
Highlight Mode: PHP
Last Modified: April 12th, 2009

< ?php
 
IF (!ISSET($PHP_AUTH_USER)) {
 
         HEADER('WWW-Authenticate: Basic realm="Private"');
         HEADER('HTTP/1.0 401 Unauthorized');
         ECHO 'Authorization Required.';
         EXIT;
 
} ELSEIF (ISSET($PHP_AUTH_USER)) {
 
         $filename = "/path/to/.htpasswd";
         $fp = FOPEN($filename, "r");
         $file_contents = FREAD($fp, FILESIZE($filename));
         FCLOSE($fp);
 
         // Place each line in user info file into an array
 
         $Line = EXPLODE("n", $file_contents);
 
         // For as long as $i is less than the size of the $line array,
         // explode each array element into a username and password
         // pair and attempt to match to $PHP_AUTH_USER and
         // $PHP_AUTH_PW values
 
         $i = 0;
 
         WHILE($i <= SIZEOF($Line)) {
                 $data_pair = EXPLODE(":", $Line[$i]);
 
                 IF ($data_pair[0] == "$PHP_AUTH_USER") {
 
                 // get salt from $data_pair[1]
                 $salt = SUBSTR($data_pair[1], 0, 2);
 
                 // encrypt $PHP_AUTH_PW based on $salt
                 $enc_pw = CRYPT($PHP_AUTH_PW, $salt);
 
                 // try to match encrypted passwords
                         IF ($data_pair[1] == "$enc_pw") {
 
                                 $auth = 1;
                                 BREAK;
 
                         } ELSE {
 
                                 $auth = 0;
 
                         }
 
                 } ELSE {
 
                         $auth = 0;
 
                 }
 
                 $i++;
 
         }
 
 
         // check value of $auth
 
         IF ($auth == "1") {
 
                 ECHO "You're authorized.";
 
         } ELSE {
 
                 HEADER('WWW-Authenticate: Basic realm="Private"');
                 HEADER('HTTP/1.0 401 Unauthorized');
                 ECHO 'Authorization Required.';
                 EXIT;
 
         }
 
}
 
?> 


Free
Oracle Magazine
Subscriptions
and Oracle White Papers


SQL University.net courses meet the most demanding needs of the business world for advanced education in a cost-effective manner. SQL University.net courses are available immediately for IT professionals and can be taken without disruption of your workplace schedule or processes.

Compared to traditional travel-based training, SQL University.net saves time and valuable corporate resources, allowing companies to do more with less. That's our mission, and that's what we deliver.

Click here to find out more
 
Home      :      Code Library      :      Sponsors      :      Privacy      :      Terms of Use      :      Contact Us 306 users online    © 2009 psoug.org

PSOUG LOGIN
Username: 
Password: 
Forgot your password?