Jump to content

Php Header Problem


23.12.2012
 Share

Recommended Posts

Well... I've got a problem. I'm trying to write a CMS (a very very basic one, I'll be adding more along the way), and so far, the login form is an authentication header. But it won't work. It displays the exit() part without asking for a username and a password. Any help would be appreciated.

if((!isset($_SERVER['PHP_AUTH_USER'])) || (!isset($_SERVER['PHP_AUTH_PW']))) {	header('HTTP/1.1 401 Unauthorized');	header('WWW-Authenticate: Basic realm="irrationalCMS"');	exit('<h2>irrationalCMS :: You need a username and a password</h2>');}$dbc = mysqli_connect('localhost', 'root', 'root', 'irr_database', '8889', '/Applications/MAMP/tmp/mysql/mysql.sock');$auth_username = mysqli_real_escape_string($dbc, trim($_SERVER['PHP_AUTH_USER']));$auth_password = mysqli_real_escape_string($dbc, trim($_SERVER['PHP_AUTH_PW']));$query = "SELECT id, username FROM irr_admin WHERE username = '$auth_username' AND password = SHA('$auth_password')";$data = mysqli_query($query);if(mysqli_num_rows($data) == 1) {	$row = mysqli_fetch_array($data);	$id = $row['id'];	$username = $row['username'];}else {	header('HTTP/1.1 401 Unauthorized');	header('WWW-Authenticate: Basic realm="irrationalCMS"');	exit('<h2>irrationalCMS :: Username or password invalid. Please try again.</h2>');}echo "<h1>Login Succesful! You are now logged in as " . $username . " . </h1>";

Link to comment
Share on other sites

Yes, this is also what annoys me. I've got another web application, another purpose, which uses the same thing (except for the realm), and it works perfectly. This one won't, and I've been looking for mistakes for half an hour now. I even tried using the other one, and it won't work... Can't seem to figure it out by myself.

Edited by 23.12.2012
Link to comment
Share on other sites

There are quite a few notes on that page about various server setups, did you read through those? Did you see the note about IE and header order? The manual isn't there to look pretty, you do actually need to read through it and understand what it says.

Link to comment
Share on other sites

Well... I just did, and I still can't figure out the problem. I switched the order of headers, but it still won't work. My browser is Firefox, and I've got a script which works, even if the order is not the one described in that document. My web server is Apache, so no IIS. Here is it:

if(!isset($_SERVER['PHP_AUTH_USER'])  || !isset($_SERVER['PHP_AUTH_PW']) || ($_SERVER['PHP_AUTH_USER'] != $username) || ($_SERVER['PHP_AUTH_PW'] != $password)) {	header('HTTP/1.1 401 Unauthorized');	header('WWW-Authenticate: Basic realm="Realm"');	exit('<h2>error</h2>');}

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...