php http authentication

[jandrews3]

The following code continues to ask for authentication even if I enter the right username (foo) and password (bar). What am I doing wrong?

<?
if ( $auth != 1 ) {		//if the user isn't authenticated

    header( "WWW-Authenticate: Basic realm=\"Authorization Required!\"" ); //this makes the browser generate a login box
    header( "HTTP/1.0 401 Unauthorized" ); //this tells the browser that further viewing is not permitted
    echo 'Authorization Required!'; //and this gets echoed if the user doesn't enter the correct username/password pair
    exit; //this makes the script exit, and the user session ends. No script for you!
}


$auth = 0; // Assume user is not authenticated
if (($PHP_AUTH_USER == "foo" ) && ($PHP_AUTH_PW == "bar" )) $auth = 1; //If all is well, consider the user authenticated


?>
<html>
<head>

	<meta http-equiv="content-type" content="text/html; charset=utf-8">
	<title>test</title>

</head>
<body>
<p>You must have entered the right password.</p>
</body>
</html>

 

 

[p2grace]

Try using

 

$_SERVER['PHP_AUTH_USER'] instead of $PHP_AUTH_USER and $_SERVER['PHP_AUTH_PW'] instead of $PHP_AUTH_PW.

 

Let me know if that works.

 

Thanks.

 

[revraz]

You shouldn't start a 2nd thread on the same subject.

[jandrews3]

Thank you. Sorry. Do you have anything constructive to add? You are a "Super Guru".