Secure your page with an HTTP Basic authentication realm header. Of course, this is PHP-based; it does not use htpasswd and .htaccess files.
By : hermawan
<?php
/************************************************\
* Class Name : security() *
* Input : BASIC REALMS *
* Creator : Hermawan Haryanto *
* Email : hermawan@codewalkers.com *
* License : GPL (General Public License) *
\***********************************************/
// START FILE: security.php
session_start();
$errorlogin = "Authentication Required"; // Text to display when login fails
$basicrealm = "Private Stuff"; // Text displayed on the login form
$authentication = Array (1=>Array("user1", "pass1"), // User and Pass for User-1
                         2=>Array("user2", "pass2"), // User and Pass for User-2
                         3=>Array("user3", "pass3"));// User and Pass for User-3
class security {
    var $authentication = Array();
    var $errorlogin;
    var $basicrealm;
    // Constructor: copy the settings defined above into the object
    function __construct() {
        global $authentication, $errorlogin, $basicrealm;
        $this->authentication = $authentication;
        $this->errorlogin = $errorlogin;
        $this->basicrealm = $basicrealm;
    }
    // Returns true for an authenticated request; otherwise sends the 401 challenge and exits
    function secureMe() {
        // Basic credentials arrive in $_SERVER (register_globals no longer exists)
        $user = isset($_SERVER['PHP_AUTH_USER']) ? $_SERVER['PHP_AUTH_USER'] : "";
        $pass = isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : "";
        if (trim($user)!=""&&trim($pass)!="") {
            if($this->checkLogin($user, $pass)) return true;
        }
        // A session that has already passed the check stays logged in
        if (!empty($_SESSION["passed"])) return true;
        $this->showLogin();
        return false;
    }
    // Send the Basic challenge; the realm value must be a quoted string
    function showLogin() {
        header('WWW-Authenticate: Basic realm="'.$this->basicrealm.'"');
        header('HTTP/1.0 401 Unauthorized');
        print $this->errorlogin;
        exit();
    }
    // Compare the supplied pair against every configured account
    function checkLogin($username, $password) {
        $found = false;
        // The array is keyed from 1, so iterate with foreach instead of a 0-based loop
        foreach ($this->authentication as $account) {
            // hash_equals() compares strings in constant time
            if (hash_equals($account[0], $username) &&
                hash_equals($account[1], $password)) {
                $found = true;
            }
        }
        return $found;
    }
};
// END FILE: security.php
?>
Put the lines below at the top of the page you wish to secure.
<?php
require_once("./security.php");
$security = new security();
// Remember a successful login in the session (session_register() was removed in PHP 5.4)
if($security->secureMe()) $_SESSION['passed'] = "true";
?>
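An added example, not part of the original snippet: the same credential check with password hashes in place of the clear-text passwords held in $authentication, using PHP's password_hash() and password_verify() (PHP 5.5 or later). The names checkLoginHashed, requireBasicAuth and $dummyhash and the sample accounts are assumptions made for this example.

```php
<?php
// Added example: user table keyed by user name, holding password hashes.
// In a deployment the hashes are generated once, offline, with password_hash()
// and pasted in; they are computed here only so the example runs stand-alone.
$authentication = array(
    "user1" => password_hash("pass1", PASSWORD_DEFAULT), // constructed sample
    "user2" => password_hash("pass2", PASSWORD_DEFAULT), // constructed sample
);
// Verified when the user name is unknown, so both paths do the same work.
$dummyhash = password_hash("not-a-real-password", PASSWORD_DEFAULT);

// Returns true only for a known user with the matching password.
function checkLoginHashed($authentication, $dummyhash, $username, $password) {
    $known = isset($authentication[$username]);
    $hash = $known ? $authentication[$username] : $dummyhash;
    $ok = password_verify($password, $hash);
    return $known && $ok;
}

// Returns the authenticated user name, or sends the 401 challenge and exits.
// Basic credentials are only base64-encoded, so serve the page over HTTPS.
function requireBasicAuth($authentication, $dummyhash, $realm) {
    $user = isset($_SERVER['PHP_AUTH_USER']) ? $_SERVER['PHP_AUTH_USER'] : "";
    $pass = isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : "";
    if ($user !== "" && checkLoginHashed($authentication, $dummyhash, $user, $pass)) {
        return $user;
    }
    header('HTTP/1.0 401 Unauthorized');
    // The realm is sent as a quoted string; escape quotes and backslashes in it
    header('WWW-Authenticate: Basic realm="' . addcslashes($realm, '"\\') . '"');
    print "Authentication Required";
    exit();
}

// Self-check from the command line: correct, wrong password, unknown user
if (PHP_SAPI === 'cli') {
    var_dump(checkLoginHashed($authentication, $dummyhash, "user1", "pass1"));
    var_dump(checkLoginHashed($authentication, $dummyhash, "user1", "wrong"));
    var_dump(checkLoginHashed($authentication, $dummyhash, "nobody", "pass1"));
}
```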