23.12.2012 Posted August 26, 2009 Share Posted August 26, 2009 Well... I've got a problem. I'm trying to write a CMS (a very very basic one, I'll be adding more along the way), and so far, the login form is an authentication header. But it won't work. It displays the exit() part without asking for a username and a password. Any help would be appreciated. if((!isset($_SERVER['PHP_AUTH_USER'])) || (!isset($_SERVER['PHP_AUTH_PW']))) { header('HTTP/1.1 401 Unauthorized'); header('WWW-Authenticate: Basic realm="irrationalCMS"'); exit('<h2>irrationalCMS :: You need a username and a password</h2>');}$dbc = mysqli_connect('localhost', 'root', 'root', 'irr_database', '8889', '/Applications/MAMP/tmp/mysql/mysql.sock');$auth_username = mysqli_real_escape_string($dbc, trim($_SERVER['PHP_AUTH_USER']));$auth_password = mysqli_real_escape_string($dbc, trim($_SERVER['PHP_AUTH_PW']));$query = "SELECT id, username FROM irr_admin WHERE username = '$auth_username' AND password = SHA('$auth_password')";$data = mysqli_query($query);if(mysqli_num_rows($data) == 1) { $row = mysqli_fetch_array($data); $id = $row['id']; $username = $row['username'];}else { header('HTTP/1.1 401 Unauthorized'); header('WWW-Authenticate: Basic realm="irrationalCMS"'); exit('<h2>irrationalCMS :: Username or password invalid. Please try again.</h2>');}echo "<h1>Login Succesful! You are now logged in as " . $username . " . </h1>"; Link to comment Share on other sites More sharing options...
justsomeguy Posted August 26, 2009 Share Posted August 26, 2009 Make sure your server meets the requirements mentioned here, and check the rest of the notes on the page:http://us3.php.net/manual/en/features.http-auth.php Link to comment Share on other sites More sharing options...
23.12.2012 Posted August 26, 2009 Author Share Posted August 26, 2009 Yes, this is also what annoys me. I've got another web application, another purpose, which uses the same thing (except for the realm), and it works perfectly. This one won't, and I've been looking for mistakes for half an hour now. I even tried using the other one, and it won't work... Can't seem to figure it out by myself. Link to comment Share on other sites More sharing options...
justsomeguy Posted August 26, 2009 Share Posted August 26, 2009 There are quite a few notes on that page about various server setups, did you read through those? Did you see the note about IE and header order? The manual isn't there to look pretty, you do actually need to read through it and understand what it says. Link to comment Share on other sites More sharing options...
23.12.2012 Posted August 26, 2009 Author Share Posted August 26, 2009 Well... I just did, and I still can't figure out the problem. I switched the order of headers, but it still won't work. My browser is Firefox, and I've got a script which works, even if the order is not the one described in that document. My web server is Apache, so no IIS. Here is it: if(!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW']) || ($_SERVER['PHP_AUTH_USER'] != $username) || ($_SERVER['PHP_AUTH_PW'] != $password)) { header('HTTP/1.1 401 Unauthorized'); header('WWW-Authenticate: Basic realm="Realm"'); exit('<h2>error</h2>');} Link to comment Share on other sites More sharing options...
justsomeguy Posted August 26, 2009 Share Posted August 26, 2009 Are the system that work and the one that doesn't on the same server? Print this out to see what it says:echo php_sapi_name(); Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.