| 1 | <?php |
| 2 | //Harvie's PHP HTTP-Auth script (2oo7-2o1o) |
| 3 | //CopyLefted4U ;) |
| 4 | ///SETTINGS////////////////////////////////////////////////////////////////////////////////////////////////////// |
| 5 | //Login |
| 6 | $realm = 'music'; //This is used by browser to identify protected area and saving passwords (one_site+one_realm==one_user+one_password) |
| 7 | $users = array( //You can specify multiple users in this array |
| 8 | 'music' => 'passw' |
| 9 | ); |
| 10 | //Misc |
| 11 | $require_login = true; //Require login? (if false, no login needed) - WARNING!!! |
| 12 | $location = '401'; //Location after logout - 401 = default logout page (can be overridden by ?logout=[LOCATION]) |
| 13 | //CopyLeft |
| 14 | $ver = '2o1o-3.9'; |
| 15 | $link = '<a href="https://blog.harvie.cz/">blog.harvie.cz</a>'; |
| 16 | $banner = "Harvie's PHP HTTP-Auth script (v$ver)"; |
| 17 | $hbanner = "<hr /><i>$banner\n-\n$link</i>\n"; |
| 18 | $cbanner = "<!-- $banner -->\n"; |
| 19 | //Config file |
| 20 | @include('./_config.php'); |
| 21 | ///////////////////////////////////////////////////////////////////////////////////////////////////////////////// |
| 22 | //MANUAL///////////////////////////////////////////////////////////////////////////////////////////////////////// |
| 23 | /* HOWTO |
| 24 | * To each file, you want to lock add this line (at begin of first line - Header-safe): |
| 25 | * <?php require_once('http_auth.php'); ?> //Password Protection 8') |
| 26 | * Protected file have to be php script (if it's html, simply rename it to .php) |
| 27 | * Server needs to have PHP as module (not CGI). |
| 28 | * You need HTTP Basic auth enabled on server and php. |
| 29 | */ |
| 30 | ///////////////////////////////////////////////////////////////////////////////////////////////////////////////// |
| 31 | ////CODE///////////////////////////////////////////////////////////////////////////////////////////////////////// |
| 32 | function send_auth_headers($realm='') { |
| 33 | Header('WWW-Authenticate: Basic realm="'.$realm.'"'); |
| 34 | Header('HTTP/1.0 401 Unauthorized'); |
| 35 | } |
| 36 | |
| 37 | function check_auth($PHP_AUTH_USER, $PHP_AUTH_PW) { //Check if login is succesfull (U can modify this to use DB, or anything else) |
| 38 | return (isset($GLOBALS['users'][$PHP_AUTH_USER]) && ($GLOBALS['users'][$PHP_AUTH_USER] == $PHP_AUTH_PW)); |
| 39 | } |
| 40 | |
| 41 | function unauth() { //Do this when login fails |
| 42 | $cbanner = $GLOBALS['cbanner']; |
| 43 | $hbanner = $GLOBALS['hbanner']; |
| 44 | die("$cbanner<title>401 - Forbidden</title>\n<h1>401 - Forbidden</h1>\n<a href=\"?\">Login...</a>\n$hbanner"); //Show warning and die |
| 45 | die(); //Don't forget!!! |
| 46 | } |
| 47 | |
| 48 | //Backward compatibility |
| 49 | if(isset($_SERVER['PHP_AUTH_USER']) && $_SERVER['PHP_AUTH_PW'] != '') $PHP_AUTH_USER = $_SERVER['PHP_AUTH_USER']; |
| 50 | if(isset($_SERVER['PHP_AUTH_PW']) && $_SERVER['PHP_AUTH_PW'] != '') $PHP_AUTH_PW = $_SERVER['PHP_AUTH_PW']; |
| 51 | |
| 52 | //Logout |
| 53 | if(isset($_GET['logout'])) { //script.php?logout |
| 54 | if(isset($PHP_AUTH_USER) || isset($PHP_AUTH_PW)) { |
| 55 | Header('WWW-Authenticate: Basic realm="'.$realm.'"'); |
| 56 | Header('HTTP/1.0 401 Unauthorized'); |
| 57 | } else { |
| 58 | if($_GET['logout'] != '') $location = $_GET['logout']; |
| 59 | if(trim($location) != '401') Header('Location: '.$location); |
| 60 | die("$cbanner<title>401 - Log out successfull</title>\n<h1>401 - Log out successfull</h1>\n<a href=\"?\">Continue...</a>\n$hbanner"); |
| 61 | } |
| 62 | } |
| 63 | |
| 64 | if($require_login) { |
| 65 | if(!isset($PHP_AUTH_USER)) { //Storno or first visit of page |
| 66 | send_auth_headers($realm); |
| 67 | unauth(); |
| 68 | } else { //Login sent |
| 69 | |
| 70 | if (check_auth($PHP_AUTH_USER, $PHP_AUTH_PW)) { //Login succesfull - probably do nothing |
| 71 | } else { //Bad login |
| 72 | send_auth_headers($realm); |
| 73 | unauth(); |
| 74 | } |
| 75 | |
| 76 | } |
| 77 | } |
| 78 | //Rest of file will be displayed only if login is correct |