Functions

Functions WebDev/*nix assorted functions & hacks

snippets .htaccess / mod_rewrite 404 header Ajax response page Basic HTTP Auth Column display sans near-empty columns JavaScript favelets/bookmarklets misc php stuffs php tricks 8 found

auth

Name:
Category: snippets
Body:

// Simple & proven:

if    ((@$_SERVER['PHP_AUTH_USER'] != 'admin') ||
       (@$_SERVER['PHP_AUTH_PW']   != 'sekrit')) {
  header('WWW-Authenticate: Basic realm="Config"');
  if (stristr(php_sapi_name(), 'fcgi')) {
    header("Status: 401 Unauthorized");
  }else{
    header('HTTP/1.1 401 Unauthorized');
  }
  die("Access Denied (u/p)");
}

// == Optional ==
// For FastCGI servers you want this as well (above the auth thing):
// list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = explode(':' , base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6)));

/* and then in .htaccess:
# This gets HTTP Auth to work in PHP with FastCGI..
<IfModule mod_rewrite.c>
 RewriteEngine on
 RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
</IfModule>
*/

// -------------------------------------------------------------------------------

// Newer with cookie foo & php vars
// --> Make sure to die(); somewhere if $logged_in == False
// For FastCGI, steal the alternative status headers & the "optional" Mod stuffs

// vars
$me        = basename($_SERVER['SCRIPT_FILENAME']);
$logged_in = false;
$host_path = $_SERVER['HTTP_HOST'].$_SERVER['SCRIPT_NAME'];

// Auth
if (@$_COOKIE['logged_in'] or isset($_GET['login'])) {
 if ((@$_SERVER['PHP_AUTH_USER'] != 'foo') ||
 (@$_SERVER['PHP_AUTH_PW'] != 'bar')) {
 header('WWW-Authenticate: Basic realm="Site Admin"');
 header('HTTP/1.1 401 Unauthorized');
 setcookie('logged_in', '', 0);
 die("Access Denied (u/p) \n<a href='http://$host_path'>&leftarrow; Back to page</a>");
 }
 if (isset($_GET['login'])) setcookie('logged_in', 1, 0);
 $logged_in = true;
}

/*
 <?php if ($logged_in): ?>
 You are logged in
 <a href='http://fake:credentials@<?php echo $host_path; ?>'>Log out</a>
 <?php else: ?>
 You are not logged in
 <a href='?login'>Log in</a>
 <?php endif ?>
*/

Footer

~~Functions~~ WebDev/nix assorted functions & hacks Search* find all Array - Bash - Classes - Config - DateTime - Debug - dotjs - File - foooo - Git - HTML - Images - Javascript - Linux - Math - Misc - MySQL - OS X - Reading - Redis - Shell scripts - snippets - SQL - Strings - TextMate - Web - \(^o^)/ Fun! - _Misc hacks - _Pages
snippets .htaccess / mod_rewrite 404 header Ajax response page Basic HTTP Auth Column display sans near-empty columns JavaScript favelets/bookmarklets misc php stuffs php tricks 8 found auth	Name: Category: snippets Body: // Simple & proven: if ((@$_SERVER['PHP_AUTH_USER'] != 'admin') \|\| (@$_SERVER['PHP_AUTH_PW'] != 'sekrit')) { header('WWW-Authenticate: Basic realm="Config"'); if (stristr(php_sapi_name(), 'fcgi')) { header("Status: 401 Unauthorized"); }else{ header('HTTP/1.1 401 Unauthorized'); } die("Access Denied (u/p)"); } // == Optional == // For FastCGI servers you want this as well (above the auth thing): // list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = explode(':' , base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6))); /* and then in .htaccess: # This gets HTTP Auth to work in PHP with FastCGI.. <IfModule mod_rewrite.c> RewriteEngine on RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L] </IfModule> / // ------------------------------------------------------------------------------- // Newer with cookie foo & php vars // --> Make sure to die(); somewhere if $logged_in == False // For FastCGI, steal the alternative status headers & the "optional" Mod stuffs // vars $me = basename($_SERVER['SCRIPT_FILENAME']); $logged_in = false; $host_path = $_SERVER['HTTP_HOST'].$_SERVER['SCRIPT_NAME']; // Auth if (@$_COOKIE['logged_in'] or isset($_GET['login'])) { if ((@$_SERVER['PHP_AUTH_USER'] != 'foo') \|\| (@$_SERVER['PHP_AUTH_PW'] != 'bar')) { header('WWW-Authenticate: Basic realm="Site Admin"'); header('HTTP/1.1 401 Unauthorized'); setcookie('logged_in', '', 0); die("Access Denied (u/p)<br>\n<a href='http://$host_path'>&leftarrow; Back to page</a>"); } if (isset($_GET['login'])) setcookie('logged_in', 1, 0); $logged_in = true; } / <?php if ($logged_in): ?> <span style='color: green;'>You are logged in</span> <a href='http://fake:credentials@<?php echo $host_path; ?>'>Log out</a> <?php else: ?> <span style='color: red;'>You are not logged in</span> <a href='?login'>Log in</a> <?php endif ?> */ ?>
Footer