lindm Posted December 28, 2007 Share Posted December 28, 2007 I want to open and write to a password protected file (basic auth) how should the php script be executed? fopen($url, "w") where $url is for instance username:userpass@www.example.com/file.html? Thanks Quote Link to comment Share on other sites More sharing options...
sKunKbad Posted December 29, 2007 Share Posted December 29, 2007 $handle = fopen("ftp://user:password@example.com/somefile.txt", "w"); see the manual http://us.php.net/manual/en/function.fopen.php Quote Link to comment Share on other sites More sharing options...
lindm Posted December 29, 2007 Author Share Posted December 29, 2007 Can't get it quite working. So fopen combined with basic authentication only works with ftp (I have not enabled ftp)?? My file is located on the same server...have swtiched safe mode off as well. So question now is: I want to fopen a password protected (basic auth) local file without ftp...how? THanks Quote Link to comment Share on other sites More sharing options...
atlanta Posted December 29, 2007 Share Posted December 29, 2007 It would be the same for http $handle = fopen("http://user:password@example.com/somefile.php"); Quote Link to comment Share on other sites More sharing options...
lindm Posted December 29, 2007 Author Share Posted December 29, 2007 Well get the following error: Warning: fopen(http://...@10.0.1.3/htdocs/index.php) [function.fopen]: failed to open stream: HTTP wrapper does not support writeable connections. in /Library/WebServer/Documents/htdocs/writeform.php on line 21 Unable to open file! I am working on a local environment...could this be a factor? Should perhaps mention I am opening the file to write to it... Quote Link to comment Share on other sites More sharing options...
lindm Posted December 30, 2007 Author Share Posted December 30, 2007 Would it perhaps be possible to bypass the authentication for the calling script? Current authentication script: <?php if(!isset($_SERVER["PHP_AUTH_USER"])){ Header("WWW-Authenticate: Basic realm=\"Restricted Access\""); Header("HTTP/1.1 401 Unauthorized"); echo "Authorization missing."; exit(); } $host="xxx.com"; $user="xxx"; $pass="xxx"; $db="xxx"; $table="xxx"; $validate=FALSE; $path = explode("/", getcwd()); $orgnr=$path[count($path)-1]; //Orgnr is the current folder $con = mysql_pconnect ("$host", "$user", "$pass") or die("Error: " . mysql_error()); mysql_select_db ("$db"); $result = mysql_query("SELECT * FROM $table Where orgnr = $orgnr"); $row = mysql_fetch_array($result); if (($_SERVER["PHP_AUTH_USER"]==$row["userName"])&&($_SERVER["PHP_AUTH_PW"]==$row["userPass"])) {$validate=TRUE;} mysql_close(); if ($validate==FALSE){ Header("WWW-Authenticate: Basic realm=\"Restricted Access\""); Header("HTTP/1.1 401 Unauthorized"); echo "Authorization missing."; exit(); } ?> Would be <?php if CALLING SCRIPT IS NOT YYY.php{ if(!isset($_SERVER["PHP_AUTH_USER"])){ Header("WWW-Authenticate: Basic realm=\"Restricted Access\""); Header("HTTP/1.1 401 Unauthorized"); echo "Authorization missing."; exit(); } $host="xxx.com"; $user="xxx"; $pass="xxx"; $db="xxx"; $table="xxx"; $validate=FALSE; $path = explode("/", getcwd()); $orgnr=$path[count($path)-1]; //Orgnr is the current folder $con = mysql_pconnect ("$host", "$user", "$pass") or die("Error: " . mysql_error()); mysql_select_db ("$db"); $result = mysql_query("SELECT * FROM $table Where orgnr = $orgnr"); $row = mysql_fetch_array($result); if (($_SERVER["PHP_AUTH_USER"]==$row["userName"])&&($_SERVER["PHP_AUTH_PW"]==$row["userPass"])) {$validate=TRUE;} mysql_close(); if ($validate==FALSE){ Header("WWW-Authenticate: Basic realm=\"Restricted Access\""); Header("HTTP/1.1 401 Unauthorized"); echo "Authorization missing."; exit(); } } ?> What would the changed code be? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.