Forked from westonruter/test-php-basic-auth.php
Last active
February 1, 2024 21:18
-
-
Save rchrd2/c94eb4701da57ce9a0ad4d2b00794131 to your computer and use it in GitHub Desktop.
PHP basic auth example
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
function require_auth() { | |
$AUTH_USER = 'admin'; | |
$AUTH_PASS = 'admin'; | |
header('Cache-Control: no-cache, must-revalidate, max-age=0'); | |
$has_supplied_credentials = !(empty($_SERVER['PHP_AUTH_USER']) && empty($_SERVER['PHP_AUTH_PW'])); | |
$is_not_authenticated = ( | |
!$has_supplied_credentials || | |
$_SERVER['PHP_AUTH_USER'] != $AUTH_USER || | |
$_SERVER['PHP_AUTH_PW'] != $AUTH_PASS | |
); | |
if ($is_not_authenticated) { | |
header('HTTP/1.1 401 Authorization Required'); | |
header('WWW-Authenticate: Basic realm="Access denied"'); | |
exit; | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi! Is safe for protect a directory or url adding these precautions?
I hope there are no errors in my function.
Thanks!