|
The following are step-by-step instructions on how
to get HTTP authentication working when PHP is running as a CGI/PHPSuExec.
Step 1:
Create a plain text file using a
text editor such as Windows Notepad.
Step 2:
Add the following text...
 |
| |
<IfModule
mod_rewrite.c>
RewriteEngine on
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
</IfModule> |
|
|
|
|
Step 3:
Save the file as a plain text
file. Name the file ".htaccess"
Step 4:
Upload the .htaccess file in
ASCII mode to your web space using
an FTP application.
Step 5:
Add the following in your PHP
script right before your user/pass
check routine.
|
|
|
|
list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])
= explode(':', base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'],
6))); |
|
|
|
|
Example:
|
|
|
|
<?php
// split user/pass parts
list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])
= explode(':',
base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'],
6)));
// open user/pass prompt
if (!isset($_SERVER['PHP_AUTH_USER']))
{
header('WWW-Authenticate: Basic
realm="Your Realm"');
header('HTTP/1.0 401
Unauthorized');
echo 'Text to send if Cancel
button is used';
exit;
} else {
echo "<p>Greetings: </p>".$_SERVER['PHP_AUTH_USER'];
echo "<p>Password you entered:
</p>".$_SERVER['PHP_AUTH_PW'];
}
?> |
|
|
|
|
|
