perryratcliff Posted December 29, 2010 Share Posted December 29, 2010 <?php //user name and Password for authentication $username = 'username'; $password = 'password'; if(!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW']) || ($_SERVER['PHP_AUTH_USER'] != $username) || ($_SERVER['PHP_AUTH_PW'] != $password)) { //The username/password are incorrect or haven't been entered so send the authentication headers header ('HTTP/1.1 401 Unauthorized'); header ('WWW-Authenticate: Basic realm= "Gator Boats" '); exit ('<h2>Gator Boats Admin</h2> Sorry, You ust enter a valid username and password ' . 'access this page.'); } ?> Every time I enter the User Name: username and Password: password it just resends the headers. Can you see what I am doing wrong? Quote Link to comment Share on other sites More sharing options...
prezident Posted December 29, 2010 Share Posted December 29, 2010 not sure but i think you can try if(empty($_SERVER['PHP_AUTH_USER']) || empty($_SERVER['PHP_AUTH_PW']) || to determine whether or not the fields are empty... Quote Link to comment Share on other sites More sharing options...
prezident Posted December 29, 2010 Share Posted December 29, 2010 nope !isset is right, is that all of the code ? Quote Link to comment Share on other sites More sharing options...
perryratcliff Posted December 29, 2010 Author Share Posted December 29, 2010 <?php // User name and password for authentication $username = 'username'; $password = 'password'; if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW']) || ($_SERVER['PHP_AUTH_USER'] != $username) || ($_SERVER['PHP_AUTH_PW'] != $password)) { // The user name/password are incorrect so send the authentication headers header('HTTP/1.1 401 Unauthorized'); header('WWW-Authenticate: Basic realm="Gator Boats"'); exit('<h2>Gator Boats</h2>Sorry, you must enter a valid user name and password to access this page.'); } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Add a Picture of Your Boat</title> <meta http-equiv="content-type" content="text/html;charset=utf-8" /> <link rel="stylesheet" href="../css/style.css" type="text/css" /> <link rel="shortcut icon" href="http://rarg.co/favicon.ico"> </head> <body> <div class="allcontent"> <!--LOGO --> <?php require_once('appvars.php'); require_once('connectvar.php'); // Connect to the database $dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME); //Retrieve picture data from MySQL $query = "SELECT * FROM gbdb ORDER BY id DESC"; $data = mysqli_query($dbc, $query); // Loop through all the pics and displaying them as HTML echo '<table>'; while ($row = mysqli_fetch_array($data)) { // Display the pics for each returned array echo '<tr class="picrow"><td><strong>' . $row['name'] . '</strong></td>'; echo '<td>' . $row['boat'] . '</td>'; echo '<td><a href="removepicture.php?id=' . $row['id'] . '&name=' . $row['name'] . '&boat=' . $row['boat'] . '&picture=' . $row['picture'] . '">Remove</a></td></tr>'; } echo '</table>'; mysqli_close($dbc); ?> <!--Footer --> <div class="footer"> <p> <a href="http://www.perryratcliff.com/contact.html">Contact</a> | <a href="gatorboats/privacy.html">Privacy</a> | <a href="gatorboats/career.html">Career</a> | <a href="gatorboats/affiliate.html">Affiliate</a> </p> </div> </div> </body> </html> The website is located at http://www.perryratcliff.com/phpgator/admin.php if you want to see it in action. Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted December 29, 2010 Share Posted December 29, 2010 The HTTP Authentication hooks in PHP are only available when it is running as an Apache module and is hence not available in the CGI version. ^^^ Do you happen to know which web server you are running and if php is running as an Apache Module or as a CGI application? Quote Link to comment Share on other sites More sharing options...
perryratcliff Posted December 29, 2010 Author Share Posted December 29, 2010 http://perryratcliff.com/test.php I guess I am in CGI/Fast CGI? How do I run as an Apache module? Quote Link to comment Share on other sites More sharing options...
perryratcliff Posted December 29, 2010 Author Share Posted December 29, 2010 I'm using windows...should I switch to Linux? Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted December 29, 2010 Share Posted December 29, 2010 You are using IIS7. There is a different set of conditions to get it to work - Also note that until PHP 4.3.3, HTTP Authentication did not work using Microsoft's IIS server with the CGI version of PHP due to a limitation of IIS. In order to get it to work in PHP 4.3.3+, you must edit your IIS configuration "Directory Security". Click on "Edit" and only check "Anonymous Access", all other fields should be left unchecked. Note: IIS Note: For HTTP Authentication to work with IIS, the PHP directive cgi.rfc2616_headers must be set to 0 (the default value). All this information is in the php.net documentation. There's no need to switch your operating system, unless you want to. Quote Link to comment Share on other sites More sharing options...
perryratcliff Posted December 29, 2010 Author Share Posted December 29, 2010 So I switched to Linux server and still no luck Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.