[mirrors/Programs.git] / php / http_auth.phps

<?php\r
///SETTINGS//////////////////////////////////////////////////////////////////////////////////////////////////////\r
//Login\r
$realm = 'secret_zone'; //This is used by browser to identify protected area and saving passwords (one_site+one_realm==one_user+one_password)\r
$user = 'root'; //User\r
$passwd = 'toor'; //Password\r
//Misc\r
$require_login = true; //Require login? (if false, no login needed) - WARNING!!!\r
$location = '401'; //Location after logout - 401 = default logout page (can be overridden by ?logout=[LOCATION])\r
//CopyLeft\r
$ver = '3.7.1';\r
$link = '<a href="https://harvie.ath.cx/">harvie.ath.cx</a>';\r
$banner = "Harvie's PHP HTTP-Auth script (v$ver)";\r
$hbanner = "<hr /><i>$banner\n$link</i>\n";\r
$cbanner = "<!-- $banner -->\n";\r
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////\r
//MANUAL/////////////////////////////////////////////////////////////////////////////////////////////////////////\r
/* HOWTO\r
 * To each file, you want to lock add this line (at begin of first line):\r
 * <?php include('http_auth.php'); ?>\r
 * This file have to be php script (if it's html, simply rename it to .php)\r
 * Server have to run PHP (not CGI).\r
 * You need HTTP Basic auth enabled on server and in php.ini\r
 */\r
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////\r
////CODE/////////////////////////////////////////////////////////////////////////////////////////////////////////\r
  function send_auth_headers($realm='') {\r
    Header('WWW-Authenticate: Basic realm="'.$realm.'"');\r
    Header('HTTP/1.0 401 Unauthorized');\r
  }\r
  \r
  function check_auth($PHP_AUTH_USER, $PHP_AUTH_PW) { //Check if login is succesfull (U can modify to use DB, or anything else)\r
	return (($PHP_AUTH_USER == $GLOBALS['user']) && ($PHP_AUTH_PW == $GLOBALS['passwd']));\r
  }\r
    \r
  function unauth() { //Do this when login fails\r
    $cbanner = $GLOBALS['cbanner'];\r
    $hbanner = $GLOBALS['hbanner'];\r
    die("$cbanner<title>401 - Forbidden</title>\n<h1>401 - Forbidden</h1>\n<a href=\"?\">Login...</a>\n$hbanner"); //Show warning and die\r
    die(); //Don't forget!!!\r
  }\r
\r
//Back-Compatibility\r
if(isset($_SERVER['PHP_AUTH_USER']) && $_SERVER['PHP_AUTH_PW'] != '') $PHP_AUTH_USER = $_SERVER['PHP_AUTH_USER'];\r
if(isset($_SERVER['PHP_AUTH_PW']) && $_SERVER['PHP_AUTH_PW'] != '') $PHP_AUTH_PW = $_SERVER['PHP_AUTH_PW'];\r
\r
//Logout\r
if(isset($_GET['logout'])) { //script.php?logout\r
  if(isset($PHP_AUTH_USER) || isset($PHP_AUTH_PW)) {\r
    Header('WWW-Authenticate: Basic realm="'.$realm.'"');\r
    Header('HTTP/1.0 401 Unauthorized');\r
  } else {\r
    if($_GET['logout'] != '') $location = $_GET['logout'];\r
    if(trim($location) != '401') Header('Location: '.$location);\r
    die("$cbanner<title>401 - Log out successfull</title>\n<h1>401 - Log out successfull</h1>\n<a href=\"?\">Continue...</a>\n$hbanner");\r
  }\r
}\r
\r
if($require_login) {\r
  if(!isset($PHP_AUTH_USER)) { //Storno or first visit of page\r
    send_auth_headers($realm);\r
    unauth();\r
  } else { //Login sent\r
    \r
    if (check_auth($PHP_AUTH_USER, $PHP_AUTH_PW)) { //Login succesfull - probably do nothing\r
    } else { //Bad login\r
      send_auth_headers($realm);\r
      unauth();\r
    }\r
    \r
  }\r
}\r
//Rest of file will be displayed only if login is correct\r
\r
Commit	Line	Data
84aff5c8 H	1	<?php\r
	2	///SETTINGS//////////////////////////////////////////////////////////////////////////////////////////////////////\r
	3	//Login\r
	4	$realm = 'secret_zone'; //This is used by browser to identify protected area and saving passwords (one_site+one_realm==one_user+one_password)\r
	5	$user = 'root'; //User\r
	6	$passwd = 'toor'; //Password\r
	7	//Misc\r
	8	$require_login = true; //Require login? (if false, no login needed) - WARNING!!!\r
	9	$location = '401'; //Location after logout - 401 = default logout page (can be overridden by ?logout=[LOCATION])\r
	10	//CopyLeft\r
	11	$ver = '3.7.1';\r
	12	$link = '<a href="https://harvie.ath.cx/">harvie.ath.cx</a>';\r
	13	$banner = "Harvie's PHP HTTP-Auth script (v$ver)";\r
	14	$hbanner = "<hr /><i>$banner\n$link</i>\n";\r
	15	$cbanner = "<!-- $banner -->\n";\r
	16	/////////////////////////////////////////////////////////////////////////////////////////////////////////////////\r
	17	//MANUAL/////////////////////////////////////////////////////////////////////////////////////////////////////////\r
	18	/* HOWTO\r
	19	* To each file, you want to lock add this line (at begin of first line):\r
	20	* <?php include('http_auth.php'); ?>\r
	21	* This file have to be php script (if it's html, simply rename it to .php)\r
	22	* Server have to run PHP (not CGI).\r
	23	* You need HTTP Basic auth enabled on server and in php.ini\r
	24	*/\r
	25	/////////////////////////////////////////////////////////////////////////////////////////////////////////////////\r
	26	////CODE/////////////////////////////////////////////////////////////////////////////////////////////////////////\r
	27	function send_auth_headers($realm='') {\r
	28	Header('WWW-Authenticate: Basic realm="'.$realm.'"');\r
	29	Header('HTTP/1.0 401 Unauthorized');\r
	30	}\r
	31	\r
	32	function check_auth($PHP_AUTH_USER, $PHP_AUTH_PW) { //Check if login is succesfull (U can modify to use DB, or anything else)\r
	33	return (($PHP_AUTH_USER == $GLOBALS['user']) && ($PHP_AUTH_PW == $GLOBALS['passwd']));\r
	34	}\r
	35	\r
	36	function unauth() { //Do this when login fails\r
	37	$cbanner = $GLOBALS['cbanner'];\r
	38	$hbanner = $GLOBALS['hbanner'];\r
	39	die("$cbanner<title>401 - Forbidden</title>\n<h1>401 - Forbidden</h1>\n<a href=\"?\">Login...</a>\n$hbanner"); //Show warning and die\r
	40	die(); //Don't forget!!!\r
	41	}\r
	42	\r
	43	//Back-Compatibility\r
	44	if(isset($_SERVER['PHP_AUTH_USER']) && $_SERVER['PHP_AUTH_PW'] != '') $PHP_AUTH_USER = $_SERVER['PHP_AUTH_USER'];\r
	45	if(isset($_SERVER['PHP_AUTH_PW']) && $_SERVER['PHP_AUTH_PW'] != '') $PHP_AUTH_PW = $_SERVER['PHP_AUTH_PW'];\r
	46	\r
	47	//Logout\r
	48	if(isset($_GET['logout'])) { //script.php?logout\r
	49	if(isset($PHP_AUTH_USER) \|\| isset($PHP_AUTH_PW)) {\r
	50	Header('WWW-Authenticate: Basic realm="'.$realm.'"');\r
	51	Header('HTTP/1.0 401 Unauthorized');\r
	52	} else {\r
	53	if($_GET['logout'] != '') $location = $_GET['logout'];\r
	54	if(trim($location) != '401') Header('Location: '.$location);\r
	55	die("$cbanner<title>401 - Log out successfull</title>\n<h1>401 - Log out successfull</h1>\n<a href=\"?\">Continue...</a>\n$hbanner");\r
	56	}\r
	57	}\r
	58	\r
	59	if($require_login) {\r
	60	if(!isset($PHP_AUTH_USER)) { //Storno or first visit of page\r
	61	send_auth_headers($realm);\r
	62	unauth();\r
	63	} else { //Login sent\r
	64	\r
65	if (check_auth($PHP_AUTH_USER, $PHP_AUTH_PW)) { //Login succesfull - probably do nothing\r
66	} else { //Bad login\r
67	send_auth_headers($realm);\r
68	unauth();\r
69	}\r
70	\r
71	}\r
72	}\r
73	//Rest of file will be displayed only if login is correct\r
74	\r