Secure your page with basic realm http header. Of coz, we use PHP based, not htpasswd and .htaccess file.

By : hermawan

<?php
/************************************************\
* Class Name : security() *
* Input : BASIC REALMS *
* Creator : Hermawan Haryanto *
* Email : hermawan@codewalkers.com *
* License : GPL (General Public License) *
\***********************************************/

// START FILE: security.php
session_start();
$errorlogin = "Authentication Required"; // Text to display when login error
$basicrealm = "Private Stuff"; // Displayed text on login form
$authentication = Array (1=>Array("user1", "pass1"), // User and Pass for User-1
2=>Array("user2", "pass2"), // User and Pass for User-2
3=>Array("user3", "pass3"));// User and Pass for User-3

class security {
var $authentication = Array();
var $errorlogin;
var $basicrealm;
function security() {
global $authentication, $errorlogin, $basicrealm;
$this->authentication = $authentication;
$this->errorlogin = $errorlogin;
$this->basicrealm = $basicrealm;
}
function secureMe() {
global $_SESSION, $PHP_AUTH_USER, $PHP_AUTH_PW;
if (trim($PHP_AUTH_USER)!=""&&trim($PHP_AUTH_PW)!="") {
if($this->checkLogin($PHP_AUTH_USER, $PHP_AUTH_PW)) return true;
}
if (!$_SESSION||$_SESSION["passed"]!="") {
$this->showLogin();
return false;
}
}
function showLogin() {
global $login_error, $realms;
header('WWW-Authenticate: Basic realm='.$this->basicrealm);
header('HTTP/1.0 401 Unauthorized');
print $this->errorlogin;
exit();
}
function checkLogin($username, $password) {
for($i=0;$i<count($this->authentication);$i++) {
if($username == $this->authentication[$i][0] &&
$password == $this->authentication[$i][1]) {
$j++;
}
}
if($j!=0) return true;
}
};
// END FILE: security.php
?>

Put the line below on the top of the page you wish to secured.

<?php
require_once("./security.php");
$security = new security;
if($security->secureMe()) $passed = "true"; session_register('passed');
?>

DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware.

More User Management Code Articles
More By Codewalkers

 

developerWorks - FREE Tools!

NEW! IBM – Taking Web 2.0 to Work David Barnes, Lead Evangelist for IBM Emerging Internet Technologies will discuss aspects of Web 2.0 that bring value to corporations, academia, and government. He'll also discuss IBM's vision around Web 2.0, including the importance of remixability and consumability. The discussion will culminate with examples of various IBM Software Group solutions you can use to get ahead of the Web 2.0 adoption curve. FREE! Go There Now!

NEW! Addressing software-as-a-service challenges using Tivoli security and WebSphere solutions Building a software-as-a-service solution requires addressing a few key technical challenges. In this webcast, we'll focus on the role of IBM Tivoli Directory Server and WebSphere Portlet Factory in creating a Software as a Service solution. We will demonstrate how to use Tivoli Directory Server to prevent the user population of one tenant from accessing the virtual portal and portlet components of another tenant. We will also use the dynamic profile capability of WebSphere Portlet Factory to create multiple highly customized applications from one code base. FREE! Go There Now!

NEW! BlammoSplat: Build a community Web site of OpenLaszlo animations, Part 3: The community animation Learn to enable users to both rate existing animations and to combine existing animations into new snippets. This is the third in a series of three tutorials that chronicle the building of a site that enables collaborative discussion and animation building using Domino and OpenLaszlo. FREE! Go There Now!

NEW! Discovering the value of WebSphere Process Server WebSphere Process Server delivers a unique integration framework that simplifies existing IT resources. Often, as IT assets grow to support business demand, so too does their complexity and manageability. In this webcast, we’ll discuss how WebSphere Process Server helps deliver an SOA infrastructure that provides a common model to orchestrate, mediate, connect, map, and execute the underlying IT functions. Discover how WebSphere Process Server simplifies integration of business processes by leveraging existing IT assets as reusable services without the complexities of traditional integration methodologies. FREE! Go There Now!

NEW! Download the free Web Application Security eKit Discover how IBM Rational AppScan Standard Edition can help you detext vulnerabilities in your web applications in the Web Application Security eKit. IBM Rational AppScan is a leading suite of automated web application security solutions that scan and test for common Web application vulnerabilities. The new Web Application Security eKit provides you with valuable resources, including white papers, demos, and additional information on the benefits of testing your Web applications. FREE! Go There Now!

NEW! Evaluate IBM Rational Software Analyzer V7.0 Download a free trial version of IBM Rational Software Analyzer Developer Edition V7.0 to identify bug defects earlier in the software development cycle. Rational Software Analyzer is an extensible software development solution that reduces the expense of bug-fixes by enabling static analysis code reviews and bug identification very early in the development cycle. FREE! Go There Now!

NEW! IBM Rational ClearCase Innovator's Series Learn from the best! Find out how developers use Rational ClearCase to be more flexible, innovative and deliver higher quality code in the Rational ClearCase Power Users eKit. This complimentary eKit provides a collection of materials, like articles, whitepapers, and demos that can help you become a power user of Rational ClearCase. FREE! Go There Now!

NEW! Rational Talks to You: Grady Booch on Architecture Join this Rational Talks to You teleconference on November 29 at 1:00 pm ET to participate in an interactive discusssion with Grady Booch around architecture and reuse. Get your questions answered! FREE! Go There Now!

NEW! Run your first CICS application on a PC using TXSeries for Windows Learn the basics of the IBM Customer Information Control System (CICS). With a hands-on exercise, learn how to get your first CICS application up and running on your desktop using TXSeries V6.1 for Windows. The tutorial shows you how to download and install a free trial version of TXSeries V6.1. FREE! Go There Now!

NEW! Trial download: IBM Rational Manual Tester V7.0.1 Try the latest version of IBM Rational Manual Tester V7.0.1 by downloading a free trial from IBM developerWorks. This manual test authoring and execution tool promotes test step reuse to reduce the impact of software change on testers and business analysts and addresses the needs of teams performing at least a portion of their testing manually. FREE! Go There Now!

All FREE IBM® developerWorks Tools!