1 <?php
2 ///SETTINGS//////////////////////////////////////////////////////////////////////////////////////////////////////
// --- Login ---
// Realm name shown by the browser; browsers key saved passwords on site + realm
// (one_site+one_realm==one_user+one_password).
$realm = 'secret_zone';
// NOTE(review): 'root' / 'toor' are sample credentials kept in plain text. Anyone who can
// read this file (it is published as source) knows them, so replace both before deploying.
$user = 'root';   // User
$passwd = 'toor'; // Password

// --- Misc ---
// WARNING: setting this to false disables the login check entirely (no login needed).
$require_login = true;
// Location after logout; '401' selects the built-in logout page.
// Can be overridden per request with ?logout=[LOCATION].
$location = '401';

// --- CopyLeft ---
$ver = '3.7.1';
$link = '<a href="https://harvie.ath.cx/">harvie.ath.cx</a>';
$banner = "Harvie's PHP HTTP-Auth script (v" . $ver . ')';
// Visible footer appended to the pages this script prints.
$hbanner = '<hr /><i>' . $banner . "\n" . $link . "</i>\n";
// HTML comment prepended to the pages this script prints.
$cbanner = '<!-- ' . $banner . " -->\n";
16 /////////////////////////////////////////////////////////////////////////////////////////////////////////////////
17 //MANUAL/////////////////////////////////////////////////////////////////////////////////////////////////////////
/* HOWTO
* To each file you want to lock, add this line (at the beginning of the first line):
* <?php include('http_auth.php'); ?>
* That file has to be a PHP script (if it's HTML, simply rename it to .php).
* The server has to run PHP (not CGI).
* You need HTTP Basic auth enabled on the server and in php.ini.
*/
25 /////////////////////////////////////////////////////////////////////////////////////////////////////////////////
26 ////CODE/////////////////////////////////////////////////////////////////////////////////////////////////////////
/**
 * Send the HTTP Basic challenge for a realm, followed by the 401 status line.
 *
 * Only headers are set here; the caller decides what body (if any) follows.
 *
 * NOTE(review): $realm is placed inside the quoted realm parameter without escaping,
 * so keep the configured realm free of double quotes and backslashes.
 *
 * @param string $realm Realm name to announce to the browser.
 */
function send_auth_headers($realm='') {
    $challenge = sprintf('WWW-Authenticate: Basic realm="%s"', $realm);
    header($challenge);
    header('HTTP/1.0 401 Unauthorized');
}
31
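/**
 * Check whether the supplied credentials match the configured account.
 *
 * The expected values are read from $GLOBALS['user'] and $GLOBALS['passwd'].
 * (You can modify this function to use a DB, or anything else.)
 *
 * Comparison is done with hash_equals() instead of ==:
 *  - == compares numeric-looking strings by value, so e.g. '0e1' == '0e2' is true and a
 *    numeric-looking password could be matched by a different string;
 *  - hash_equals() takes the same time wherever the first difference is, so response
 *    timing does not reveal how much of a guess was correct.
 * Both fields are always compared before the result is combined, so a wrong user name
 * and a wrong password take the same path.
 *
 * NOTE(review): the password is still stored in plain text in this file; storing a
 * password_hash() value and checking it with password_verify() would avoid that.
 *
 * @param mixed $PHP_AUTH_USER User name sent by the client.
 * @param mixed $PHP_AUTH_PW   Password sent by the client.
 * @return bool True only when both values are strings equal to the configured ones.
 */
function check_auth($PHP_AUTH_USER, $PHP_AUTH_PW) {
    // hash_equals() requires strings; anything else cannot be a valid login.
    if (!is_string($PHP_AUTH_USER) || !is_string($PHP_AUTH_PW)) {
        return false;
    }

    $user_ok = hash_equals((string) $GLOBALS['user'], $PHP_AUTH_USER);
    $pass_ok = hash_equals((string) $GLOBALS['passwd'], $PHP_AUTH_PW);

    return $user_ok && $pass_ok;
}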
35
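/**
 * Print the "401 - Forbidden" page and stop the script. Called when login fails.
 *
 * The page is wrapped in the comment banner and footer banner taken from
 * $GLOBALS['cbanner'] and $GLOBALS['hbanner']. This function never returns: die()
 * terminates the request, which is what keeps the rest of the including file from
 * being sent to a client that has not logged in.
 */
function unauth() {
    $cbanner = $GLOBALS['cbanner'];
    $hbanner = $GLOBALS['hbanner'];
    // Show warning and die. (The second die() that used to follow was unreachable.)
    die("$cbanner<title>401 - Forbidden</title>\n<h1>401 - Forbidden</h1>\n<a href=\"?\">Login...</a>\n$hbanner");
}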
42
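//Back-Compatibility
// The rest of the script works with $PHP_AUTH_USER / $PHP_AUTH_PW, so fill them from $_SERVER.
// Start from a known state: the later isset() checks must only see values copied from
// $_SERVER, never a variable of the same name that was already defined before this point.
$PHP_AUTH_USER = null;
$PHP_AUTH_PW = null;

// A login counts as "sent" only when a non-empty password arrived. The user name is gated
// on the password too (as before), but the password is now tested with isset() first, so a
// request carrying only a user name no longer reads an undefined index.
$password_sent = isset($_SERVER['PHP_AUTH_PW']) && $_SERVER['PHP_AUTH_PW'] !== '';
if ($password_sent && isset($_SERVER['PHP_AUTH_USER'])) {
    $PHP_AUTH_USER = $_SERVER['PHP_AUTH_USER'];
}
if ($password_sent) {
    $PHP_AUTH_PW = $_SERVER['PHP_AUTH_PW'];
}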
46
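//Logout (script.php?logout or script.php?logout=[LOCATION])
if (isset($_GET['logout'])) {
    if (isset($PHP_AUTH_USER) || isset($PHP_AUTH_PW)) {
        // The browser is still sending credentials: answer with a fresh challenge so it
        // asks again. Execution then continues with the login check further down.
        send_auth_headers($realm);
    } else {
        // No credentials any more: the user is logged out.
        // ?logout=[LOCATION] comes from the request, so it is only accepted when it is a
        // same-site reference. Without this check the logout link could be used to forward
        // visitors to any other site. Rejected values fall back to the configured $location.
        $requested = $_GET['logout'];
        if (is_string($requested)) {
            $candidate = trim($requested);
            $is_local = $candidate !== ''
                && !preg_match('/[\x00-\x1f\x7f\\\\]/', $candidate)        // no control characters or backslashes
                && !preg_match('/^[a-z][a-z0-9+.\-]*:/i', $candidate)      // no URL scheme (http:, javascript:, ...)
                && strncmp($candidate, '//', 2) !== 0;                     // no protocol-relative //host
            if ($is_local) {
                $location = $candidate;
            }
        }
        // '401' means "show the built-in logout page" instead of redirecting.
        if (trim($location) != '401') {
            header('Location: '.$location);
        }
        die("$cbanner<title>401 - Log out successfull</title>\n<h1>401 - Log out successfull</h1>\n<a href=\"?\">Continue...</a>\n$hbanner");
    }
}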
58
// Login gate. When $require_login is false nothing is checked and the page is public.
if ($require_login) {
    // No user name means a cancelled dialog or the first visit of the page;
    // a user name that fails check_auth() means a bad login.
    $logged_in = isset($PHP_AUTH_USER) && check_auth($PHP_AUTH_USER, $PHP_AUTH_PW);
    if (!$logged_in) {
        // Ask for credentials (again); unauth() prints the 401 page and ends the script.
        send_auth_headers($realm);
        unauth();
    }
    // Login successful - nothing more to do.
}
//Rest of file will be displayed only if login is correct (or if $require_login is false)
74