From 4641c2f0ed0ed505df32a6bec7f126b4dd1d4747 Mon Sep 17 00:00:00 2001 From: Harvie Date: Sun, 25 Jul 2010 15:59:18 +0200 Subject: [PATCH] fixed http_auth.php encoding and version --- example_config.php | 13 ++++---- http_auth.php | 79 +++++++++++++++++++++++++++++++++++++++++++++- 2 files changed, 85 insertions(+), 7 deletions(-) diff --git a/example_config.php b/example_config.php index 302d87f..6ad41bd 100755 --- a/example_config.php +++ b/example_config.php @@ -15,17 +15,18 @@ $music_dir = './music'; //Local path to directory with music $music_dir_url = 'http://your-server.net/jukebox/music'; //URL path to the same directory CHANGE IT! $cache_passwd = 'renew123'; //You need this passwd to refresh search cache CHANGE IT! //Login -$realm = 'music';//Banner -$user = 'music';//User -$passwd = 'Default-Secr3t_PaSsw0rd'; //Password CHANGE IT! -$require_login = true; +$realm = 'music'; //HTTP Auth Banner +$users = array( //List of 'user' => 'password' touples CHANGE IT! + 'music' => 'Default-Secr3t_PaSsw0rd' +); +$require_login = true; //More search engines /* $search_engines = array_merge($search_engines, array( - 'Harvie\'s blog!' => 'http://blog.harvie.cz/?s=' + 'Harvie\'s blog!' => 'http://blog.harvie.cz/?s=' )); */ //Bonuses if(isset($bonus_dir) && is_dir($bonus_dir)) { - $css_file = $bonus_dir.'/themes/default/jukebox.css'; //CSS (Design/Theme) + $css_file = $bonus_dir.'/themes/default/jukebox.css'; //CSS (Design/Theme) } diff --git a/http_auth.php b/http_auth.php index 6a0d892..98f08e6 100755 --- a/http_auth.php +++ b/http_auth.php @@ -1 +1,78 @@ -Harvie.cz'; $banner = "Harvie's PHP HTTP-Auth script (v$ver)"; $hbanner = "
$banner\n-\n$link\n"; $cbanner = "\n"; //Config file @include('./_config.php'); ///////////////////////////////////////////////////////////////////////////////////////////////////////////////// //MANUAL///////////////////////////////////////////////////////////////////////////////////////////////////////// /* HOWTO * To each file, you want to lock add this line (at begin of first line - Header-safe): * //Password Protection 8') * Protected file have to be php script (if it's html, simply rename it to .php) * Server needs to have PHP as module (not CGI). * You need HTTP Basic auth enabled on server and php. */ ///////////////////////////////////////////////////////////////////////////////////////////////////////////////// ////CODE///////////////////////////////////////////////////////////////////////////////////////////////////////// function send_auth_headers($realm='') { Header('WWW-Authenticate: Basic realm="'.$realm.'"'); Header('HTTP/1.0 401 Unauthorized'); } function check_auth($PHP_AUTH_USER, $PHP_AUTH_PW) { //Check if login is succesfull (U can modify this to use DB, or anything else) return (($PHP_AUTH_USER == $GLOBALS['user']) && ($PHP_AUTH_PW == $GLOBALS['passwd'])); } function unauth() { //Do this when login fails $cbanner = $GLOBALS['cbanner']; $hbanner = $GLOBALS['hbanner']; die("$cbanner401 - Forbidden\n

401 - Forbidden

\nLogin...\n$hbanner"); //Show warning and die die(); //Don't forget!!! } //Back-Compatibility if(isset($_SERVER['PHP_AUTH_USER']) && $_SERVER['PHP_AUTH_PW'] != '') $PHP_AUTH_USER = $_SERVER['PHP_AUTH_USER']; if(isset($_SERVER['PHP_AUTH_PW']) && $_SERVER['PHP_AUTH_PW'] != '') $PHP_AUTH_PW = $_SERVER['PHP_AUTH_PW']; //Logout if(isset($_GET['logout'])) { //script.php?logout if(isset($PHP_AUTH_USER) || isset($PHP_AUTH_PW)) { Header('WWW-Authenticate: Basic realm="'.$realm.'"'); Header('HTTP/1.0 401 Unauthorized'); } else { if($_GET['logout'] != '') $location = $_GET['logout']; if(trim($location) != '401') Header('Location: '.$location); die("$cbanner401 - Log out successfull\n

401 - Log out successfull

\nContinue...\n$hbanner"); } } if($require_login) { if(!isset($PHP_AUTH_USER)) { //Storno or first visit of page send_auth_headers($realm); unauth(); } else { //Login sent if (check_auth($PHP_AUTH_USER, $PHP_AUTH_PW)) { //Login succesfull - probably do nothing } else { //Bad login send_auth_headers($realm); unauth(); } } } //Rest of file will be displayed only if login is correct
\ No newline at end of file
+ 'passw'
+);
+//Misc
+$require_login = true; //Require login? (if false, no login needed) - WARNING!!!
+$location = '401'; //Location after logout - 401 = default logout page (can be overridden by ?logout=[LOCATION])
+//CopyLeft
+$ver = '2o1o-3.9';
+$link = 'harvie.ath.cx';
+$banner = "Harvie's PHP HTTP-Auth script (v$ver)";
+$hbanner = "
$banner\n-\n$link\n";
+$cbanner = "\n";
+//Config file
+@include('./_config.php');
+/////////////////////////////////////////////////////////////////////////////////////////////////////////////////
+//MANUAL/////////////////////////////////////////////////////////////////////////////////////////////////////////
+/* HOWTO
+ * To each file, you want to lock add this line (at begin of first line - Header-safe):
+ * //Password Protection 8')
+ * Protected file have to be php script (if it's html, simply rename it to .php)
+ * Server needs to have PHP as module (not CGI).
+ * You need HTTP Basic auth enabled on server and php.
+ */
+/////////////////////////////////////////////////////////////////////////////////////////////////////////////////
+////CODE/////////////////////////////////////////////////////////////////////////////////////////////////////////
+ function send_auth_headers($realm='') {
+ Header('WWW-Authenticate: Basic realm="'.$realm.'"');
+ Header('HTTP/1.0 401 Unauthorized');
+ }
+
+ function check_auth($PHP_AUTH_USER, $PHP_AUTH_PW) { //Check if login is succesfull (U can modify this to use DB, or anything else)
+ return (isset($GLOBALS['users'][$PHP_AUTH_USER]) && ($GLOBALS['users'][$PHP_AUTH_USER] == $PHP_AUTH_PW));
+ }
+
+ function unauth() { //Do this when login fails
+ $cbanner = $GLOBALS['cbanner'];
+ $hbanner = $GLOBALS['hbanner'];
+ die("$cbanner401 - Forbidden\n

401 - Forbidden

\nLogin...\n$hbanner"); //Show warning and die
+ die(); //Don't forget!!!
+ }
+
+//Backward compatibility
+if(isset($_SERVER['PHP_AUTH_USER']) && $_SERVER['PHP_AUTH_PW'] != '') $PHP_AUTH_USER = $_SERVER['PHP_AUTH_USER'];
+if(isset($_SERVER['PHP_AUTH_PW']) && $_SERVER['PHP_AUTH_PW'] != '') $PHP_AUTH_PW = $_SERVER['PHP_AUTH_PW'];
+
+//Logout
+if(isset($_GET['logout'])) { //script.php?logout
+ if(isset($PHP_AUTH_USER) || isset($PHP_AUTH_PW)) {
+ Header('WWW-Authenticate: Basic realm="'.$realm.'"');
+ Header('HTTP/1.0 401 Unauthorized');
+ } else {
+ if($_GET['logout'] != '') $location = $_GET['logout'];
+ if(trim($location) != '401') Header('Location: '.$location);
+ die("$cbanner401 - Log out successfull\n

401 - Log out successfull

\nContinue...\n$hbanner");
+ }
+}
+
+if($require_login) {
+ if(!isset($PHP_AUTH_USER)) { //Storno or first visit of page
+ send_auth_headers($realm);
+ unauth();
+ } else { //Login sent
+
+ if (check_auth($PHP_AUTH_USER, $PHP_AUTH_PW)) { //Login succesfull - probably do nothing
+ } else { //Bad login
+ send_auth_headers($realm);
+ unauth();
+ }
+
+ }
+}
+//Rest of file will be displayed only if login is correct
--
2.30.2
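Review bot: `check_auth()` compares the submitted password to the configured one with loose `==`, so two numeric-looking strings can compare equal under PHP's type juggling, and the comparison is not constant-time. Where `hash_equals()` is available (PHP 5.6+), the return line should read `return isset($GLOBALS['users'][$PHP_AUTH_USER]) && hash_equals((string)$GLOBALS['users'][$PHP_AUTH_USER], (string)$PHP_AUTH_PW);`, or use `===` at minimum; storing `password_hash()` output in `$users` and checking it with `password_verify()` would also keep plaintext passwords out of the config. Separately, the logout branch passes `$_GET['logout']` straight into `Header('Location: '.$location)`, which is an open redirect reachable without credentials; restrict the value to a local path or an allowlist before sending the header. The `@include('./_config.php')` line also silences a missing config file, in which case the defaults set earlier in this file (which appear to include a built-in user list) stay in effect, so failing closed when the include fails would be safer.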