Basic HTTP Authentication with PHP


HTTP authentication protection that can be used to restrict access to a page. This causes the browser to show a pop up message box to enter username and password. Below is a sample code for HTTP authentication:
<?php

if(!defined('PHP_AUTH_USER')){
    define('PHP_AUTH_USER','root');
}

if(!defined('')){
    define('PHP_AUTH_PW','toor');
}

if (!isset($_SERVER['PHP_AUTH_USER'])) {

    header('WWW-Authenticate: Basic realm="Restricted Area"');
    header('HTTP/1.0 401 Unauthorized');
    echo 'You are not authorized to access this page.';
    exit;

} else {

    if( $_SERVER['PHP_AUTH_USER']==PHP_AUTH_USER &&
         $_SERVER['PHP_AUTH_PW']==PHP_AUTH_PW){

                //do your operation here.
    }else{
               header('WWW-Authenticate: Basic realm="Authorization"');
               header('HTTP/1.0 401 Unauthorized');
               echo 'You are entered wrong username/password.';
               exit;

    }

}?>
You can modify the above script as per your need. You can even integrate this to a database to compare username and password values with the username and password values stored in database.

Comments

Popular posts from this blog

Automate file upload in Selenium IDE

How To Install and Configure Nextcloud

Bruteforce a router to hack admin password using Hydra