PHP Authentication Troubles

software development

#1

Can anyone tell me what I’m doing wrong?

I’m attempting to develop an authentication system with PHP (and eventually MySQL). So I’m starting out with the most basic script I can think of, but it doesn’t work. If I try to access it via Safari nobody can get into the realm, if I use IE to access the page anybody can get into the realm.

To make things simple, I’ve hard coded the password at “cat”.

I’d really appreciate some help. I don’t know how to simplify the script any further and I’m out of clues.

Thanks!
Paul

Here is the address to the page: http://www.sbox.net/wine/welcome.php

Here is the code

<?php $authorized = false; $member = $_SERVER['PHP_AUTH_USER']; $psword = $_SERVER['PHP_AUTH_PW']; if (isset($member) && $psword == "cat") { $authorized = true ; } if (!$authorized) { header('WWW-Authenticate: Basic realm="The Password is cat"'); header('HTTP/1.0 401 Unauthorized'); echo "

You have canceled

"; } ?> Welcome

Welcome!

<?= $_SERVER['PHP_AUTH_USER'] ?>

<?= $_SERVER['SERVER_SOFTWARE'] ?>

<?= $_SERVER['REQUEST_METHOD'] ?>


#2

Thanks for including a call to phpinfo() - it confirms my suspicion, you are running PHP as CGI.

Quote the PHP online documentation:

“The HTTP Authentication hooks in PHP are only available when it is running as an Apache module and is hence not available in the CGI version.”

Reference
HTTP authentication with PHP

:cool: Perl / MySQL / HTML CSS