Commit | Line | Data |
---|---|---|
84aff5c8 H |
1 | <?php\r |
///SETTINGS//////////////////////////////////////////////////////////////////////////////////////////////////////
//Login
// NOTE(review): $user and $passwd are kept in plain text in this file and are what check_auth() compares
// the submitted credentials against. 'root'/'toor' are the shipped defaults; replace them before deploying.
// HTTP Basic auth sends the user name and password merely base64-encoded (not encrypted) with every
// request, so pages protected by this script should only be served over HTTPS.
$realm = 'secret_zone'; //Sent in the WWW-Authenticate header; browsers use it to identify the protected area and to remember passwords (one site + one realm == one user + one password)
$user = 'root'; //User name accepted by check_auth()
$passwd = 'toor'; //Password accepted by check_auth()
//Misc
$require_login = true; //Require login? WARNING: if false, the login check at the end of this file is skipped and no login is needed
$location = '401'; //Location after logout - '401' = built-in logout page, no redirect (can be overridden by the request parameter ?logout=[LOCATION])
//CopyLeft
$ver = '3.7.1';
$link = '<a href="https://harvie.ath.cx/">harvie.ath.cx</a>';
$banner = "Harvie's PHP HTTP-Auth script (v$ver)";
$hbanner = "<hr /><i>$banner\n$link</i>\n"; //HTML footer appended to the pages this script prints
$cbanner = "<!-- $banner -->\n"; //HTML comment placed at the top of the pages this script prints
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////
17 | //MANUAL/////////////////////////////////////////////////////////////////////////////////////////////////////////\r | |
/* HOWTO
* To every file you want to lock, add this line (at the very beginning of the first line):
* <?php include('http_auth.php'); ?>
* The file has to be a PHP script (if it is HTML, simply rename it to .php).
* The server has to run PHP (not as CGI).
* You need HTTP Basic auth enabled on the server and in php.ini.
*/
25 | /////////////////////////////////////////////////////////////////////////////////////////////////////////////////\r | |
26 | ////CODE/////////////////////////////////////////////////////////////////////////////////////////////////////////\r | |
//Ask the client for HTTP Basic credentials: sends the WWW-Authenticate challenge for $realm
//followed by the 401 status line. Must run before any output is sent.
//NOTE(review): $realm is copied into the quoted realm="" value unescaped - assumes it contains
//no double quotes; confirm against the configured value.
function send_auth_headers($realm='') {
    $header_lines = array(
        'WWW-Authenticate: Basic realm="'.$realm.'"',
        'HTTP/1.0 401 Unauthorized',
    );
    foreach ($header_lines as $header_line) {
        header($header_line);
    }
}
31 | \r | |
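//Check if login is successful (you can modify this to use a DB, or anything else).
//Parameters: $PHP_AUTH_USER / $PHP_AUTH_PW - user name and password sent by the client.
//Returns true only when both match the configured $GLOBALS['user'] and $GLOBALS['passwd'].
//
//The comparison is done with hash_equals() (PHP >= 5.6) instead of ==:
// - == compares numeric-looking strings as numbers, so e.g. '0e123' == '0e456' is true and a
//   numeric-looking password would accept other inputs;
// - hash_equals() compares byte for byte in time that does not depend on where the strings differ
//   (only the length of the configured value may still be observable).
function check_auth($PHP_AUTH_USER, $PHP_AUTH_PW) {
    //Anything that is not a string cannot be a Basic-auth credential; fail closed.
    if (!is_string($PHP_AUTH_USER) || !is_string($PHP_AUTH_PW)) {
        return false;
    }
    //Evaluate both comparisons before combining them, so a wrong user name is not rejected
    //earlier than a wrong password.
    $user_ok = hash_equals((string) $GLOBALS['user'], $PHP_AUTH_USER);
    $passwd_ok = hash_equals((string) $GLOBALS['passwd'], $PHP_AUTH_PW);
    return $user_ok && $passwd_ok;
}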
35 | \r | |
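//Do this when login fails: print the "401 - Forbidden" page (wrapped in the configured banners)
//and stop the script, so nothing of the protected file is output.
//Only the page body is produced here; the callers in this file call send_auth_headers() first.
function unauth() {
    $cbanner = $GLOBALS['cbanner'];
    $hbanner = $GLOBALS['hbanner'];
    //die() prints the page and ends the request; the second, unreachable die() that used to
    //follow this line was removed.
    die("$cbanner<title>401 - Forbidden</title>\n<h1>401 - Forbidden</h1>\n<a href=\"?\">Login...</a>\n$hbanner");
}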
42 | \r | |
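//Back-Compatibility: copy the HTTP Basic credentials from $_SERVER into the legacy globals
//$PHP_AUTH_USER / $PHP_AUTH_PW that the rest of this file reads.
//Both globals are set only when a non-empty password was sent; a request with an empty or missing
//password leaves $PHP_AUTH_USER unset and is therefore treated like a visit without credentials.
if (isset($_SERVER['PHP_AUTH_PW']) && $_SERVER['PHP_AUTH_PW'] != '') {
    //The password key is now tested with isset() before it is read; previously the user-name
    //check read $_SERVER['PHP_AUTH_PW'] even when that key did not exist.
    if (isset($_SERVER['PHP_AUTH_USER'])) {
        $PHP_AUTH_USER = $_SERVER['PHP_AUTH_USER'];
    }
    $PHP_AUTH_PW = $_SERVER['PHP_AUTH_PW'];
}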
46 | \r | |
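//Logout (script.php?logout or script.php?logout=[LOCATION])
if (isset($_GET['logout'])) {
    if (isset($PHP_AUTH_USER) || isset($PHP_AUTH_PW)) {
        //Credentials are still being sent: answer with a fresh 401 challenge so the browser
        //drops them. There is no die() here, so execution continues with the code below.
        header('WWW-Authenticate: Basic realm="'.$realm.'"');
        header('HTTP/1.0 401 Unauthorized');
    } else {
        //The override comes straight from the query string and ends up in a Location header,
        //so it is accepted only when it is the literal '401' (no redirect) or a path on this
        //site: it must start with a single '/', must not start with '//' or '/\' (browsers treat
        //those as another host) and may contain printable ASCII only. Anything else - absolute
        //URLs, arrays (?logout[]=...), control characters - is ignored and the configured
        //$location is used instead.
        if (is_string($_GET['logout']) && $_GET['logout'] !== ''
            && (trim($_GET['logout']) === '401'
                || preg_match('#\A/(?![/\\\\])[\x21-\x7e]*\z#', $_GET['logout']) === 1)) {
            $location = $_GET['logout'];
        }
        if (trim($location) !== '401') {
            header('Location: '.$location);
        }
        die("$cbanner<title>401 - Log out successfull</title>\n<h1>401 - Log out successfull</h1>\n<a href=\"?\">Continue...</a>\n$hbanner");
    }
}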
58 | \r | |
//Login gate. With $require_login on, a request that carries no credentials (first visit or
//cancelled dialog) or whose credentials check_auth() rejects gets the Basic-auth challenge and
//the 401 page; unauth() ends the script. A successful login needs no action here.
if ($require_login && !(isset($PHP_AUTH_USER) && check_auth($PHP_AUTH_USER, $PHP_AUTH_PW))) {
    send_auth_headers($realm);
    unauth();
}
//Rest of file will be displayed only if login is correct (or if $require_login is false)
74 | \r |