DZone Snippets: security code http://snippets.dzone.com/posts Thu, 21 Aug 2008 02:25:39 GMT DZone Snippets: security code WWW-Authenticate example http://snippets.dzone.com/posts/show/2006 // Shows how to use the WWW-Authenticate header to make login pages.You find a good tutorial at php.net <br />// (Source: http://codedump.jonasjohn.de/ - Public domain) <br /> <br /><code> <br /><?php <br /> <br />$login_successful = false; <br /> <br />// check user & pwd: <br />if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])){ <br /> <br /> $usr = $_SERVER['PHP_AUTH_USER']; <br /> $pwd = $_SERVER['PHP_AUTH_PW']; <br /> <br /> if ($usr == 'jonas' && $pwd == 'secret'){ <br /> $login_successful = true; <br /> } <br />} <br /> <br />// login ok? <br />if (!$login_successful){ <br /> <br /> // send 401 headers: <br /> // realm="something" will be shown in the login box <br /> header('WWW-Authenticate: Basic realm="Secret page"'); <br /> header('HTTP/1.0 401 Unauthorized'); <br /> print "Login failed!\n"; <br /> <br />} <br />else { <br /> // show secret page: <br /> print 'you reached the secret page!'; <br />} <br />?> <br /></code> Wed, 10 May 2006 02:33:31 GMT http://snippets.dzone.com/posts/show/2006 jonasj (Jonas J.)