Re: php login

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Schalk wrote:

Greetings All,
Where can I find a good tutorial on creating a login protected area using php? I did a Google search and found a couple but, I would like to get suggestions from the list. Thanks! 

here is a set of functions that allow you to mimick a .htaccess style of
protected area I use them occasionally when I need quick and dirty protection
(i.e. single user, no specified permissions, etc)

it's not so much a tutorial as a basic example of simple protection
- maybe it gives you some ideas/insight.

------------------------------------------------------------------------

you use them like so:

<?php

// sessions are required for this to work
session_start();

// a line like this should be in you global include file
setSimplePageProtectionDetails("YOUR_USER_NAME", "YOUR_PWD");

// then on any page that needs protection (can also be set in the same global include)
simplePageProtection("YOUR_REALM");

?>

here are the actual funcs:

<?php

function isCLI()
{
    return (strtolower(php_sapi_name()) === 'cli');
}

function setSimplePageProtectionDetails($login, $pwd)
{

    if (!defined('SIMPLE_MICROSITE_AUTH_PW') && !defined('SIMPLE_MICROSITE_AUTH_USER')) {
        if (!$login || !$pwd) {
            return 0;
        }

        define('SIMPLE_MICROSITE_AUTH_USER',    $login);
        define('SIMPLE_MICROSITE_AUTH_PW',      $pwd);
    }

    return -1;
}

function simplePageProtection($bla = null)
{
    if (isCLI()) {
        return; // no point 'protecting' the CLI
    }

    if (!defined('SIMPLE_MICROSITE_AUTH_PW') || !defined('SIMPLE_MICROSITE_AUTH_USER')) {
 	die ('auth mechanism not setup properly');
    }

    if (($bla === null) || !$bla = strval($bla)) {
        $bla = 'micrositedefault';
    }

    if (!isset($_SESSION['access_to_'.$bla.'_granted']) || !$_SESSION['access_to_'.$bla.'_granted']) {
        $_SESSION['access_to_'.$bla.'_granted'] = false;

        $login = isset($_SERVER[ 'PHP_AUTH_USER' ]) ? $_SERVER[ 'PHP_AUTH_USER' ]: false;
        $pass  = isset($_SERVER[ 'PHP_AUTH_PW' ])   ? $_SERVER[ 'PHP_AUTH_PW' ]: false;
if (strtolower(trim($login)) == strtolower(trim(SIMPLE_MICROSITE_AUTH_USER)) && $pass === SIMPLE_MICROSITE_AUTH_PW) { 
            $_SESSION['access_to_'.$bla.'_granted'] = true;
        } else {
            header('WWW-Authenticate: Basic realm="Please login '.SIMPLE_MICROSITE_AUTH_USER.'."');
            header('HTTP/1.0 401 Unauthorized');
            exit;
        }
    }
}

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux