TODO: nice URLs
[mirrors/JukeBox.git] / http_auth.php
1 <?php
2 //Harvie's PHP HTTP-Auth script (2oo7)
3 //CopyLefted4U ;)
4 ///SETTINGS//////////////////////////////////////////////////////////////////////////////////////////////////////
5 //Login
6 $realm = 'music'; //This is used by browser to identify protected area and saving passwords (one_site+one_realm==one_user+one_password)
7 $users = array( //You can specify multiple users in this array
8 'music' => 'passw'
9 );
10 //Misc
11 $require_login = true; //Require login? (if false, no login needed) - WARNING!!!
12 $location = '401'; //Location after logout - 401 = default logout page (can be overridden by ?logout=[LOCATION])
13 //CopyLeft
14 $ver = '2o1o-3.9';
15 $link = '<a href="https://blog.harvie.cz/">blog.harvie.cz</a>';
16 $banner = "Harvie's PHP HTTP-Auth script (v$ver)";
17 $hbanner = "<hr /><i>$banner\n-\n$link</i>\n";
18 $cbanner = "<!-- $banner -->\n";
19 //Config file
20 @include('./_config.php');
21 /////////////////////////////////////////////////////////////////////////////////////////////////////////////////
22 //MANUAL/////////////////////////////////////////////////////////////////////////////////////////////////////////
23 /* HOWTO
24 * To each file, you want to lock add this line (at begin of first line - Header-safe):
25 * <?php require_once('http_auth.php'); ?> //Password Protection 8')
26 * Protected file have to be php script (if it's html, simply rename it to .php)
27 * Server needs to have PHP as module (not CGI).
28 * You need HTTP Basic auth enabled on server and php.
29 */
30 /////////////////////////////////////////////////////////////////////////////////////////////////////////////////
31 ////CODE/////////////////////////////////////////////////////////////////////////////////////////////////////////
32 function send_auth_headers($realm='') {
33 Header('WWW-Authenticate: Basic realm="'.$realm.'"');
34 Header('HTTP/1.0 401 Unauthorized');
35 }
36
37 function check_auth($PHP_AUTH_USER, $PHP_AUTH_PW) { //Check if login is succesfull (U can modify this to use DB, or anything else)
38 return (isset($GLOBALS['users'][$PHP_AUTH_USER]) && ($GLOBALS['users'][$PHP_AUTH_USER] == $PHP_AUTH_PW));
39 }
40
41 function unauth() { //Do this when login fails
42 $cbanner = $GLOBALS['cbanner'];
43 $hbanner = $GLOBALS['hbanner'];
44 die("$cbanner<title>401 - Forbidden</title>\n<h1>401 - Forbidden</h1>\n<a href=\"?\">Login...</a>\n$hbanner"); //Show warning and die
45 die(); //Don't forget!!!
46 }
47
48 //Backward compatibility
49 if(isset($_SERVER['PHP_AUTH_USER']) && $_SERVER['PHP_AUTH_PW'] != '') $PHP_AUTH_USER = $_SERVER['PHP_AUTH_USER'];
50 if(isset($_SERVER['PHP_AUTH_PW']) && $_SERVER['PHP_AUTH_PW'] != '') $PHP_AUTH_PW = $_SERVER['PHP_AUTH_PW'];
51
52 //Logout
53 if(isset($_GET['logout'])) { //script.php?logout
54 if(isset($PHP_AUTH_USER) || isset($PHP_AUTH_PW)) {
55 Header('WWW-Authenticate: Basic realm="'.$realm.'"');
56 Header('HTTP/1.0 401 Unauthorized');
57 } else {
58 if($_GET['logout'] != '') $location = $_GET['logout'];
59 if(trim($location) != '401') Header('Location: '.$location);
60 die("$cbanner<title>401 - Log out successfull</title>\n<h1>401 - Log out successfull</h1>\n<a href=\"?\">Continue...</a>\n$hbanner");
61 }
62 }
63
64 if($require_login) {
65 if(!isset($PHP_AUTH_USER)) { //Storno or first visit of page
66 send_auth_headers($realm);
67 unauth();
68 } else { //Login sent
69
70 if (check_auth($PHP_AUTH_USER, $PHP_AUTH_PW)) { //Login succesfull - probably do nothing
71 } else { //Bad login
72 send_auth_headers($realm);
73 unauth();
74 }
75
76 }
77 }
78 //Rest of file will be displayed only if login is correct
This page took 0.833087 seconds and 4 git commands to generate.