user authentication help required:(

Dev Shed Forums Sponsor:

July 7th, 2000, 06:52 AM

The_Net_Muppet

Contributing User

Join Date: Jun 2000

Location: England

Posts: 471

Time spent in forums: 6 Days 17 h 39 m 8 sec
Reputation Power: 27

It wont validate the user name and password from the text file, can anyone help please?

I think it is the text file corrupt or something?, I done it in notepad.

auth.php
========
<BLOCKQUOTE>code:<HR><pre>

<?php

// File Name: auth03.php

// Check to see if $PHP_AUTH_USER already contains info

if (!isset($PHP_AUTH_USER)) {

// If empty, send header causing dialog box to appear

header('WWW-Authenticate: Basic realm="My Private Stuff"');
header('HTTP/1.0 401 Unauthorized');
exit;

} else if (isset($PHP_AUTH_USER)) {

// If non-empty, open file containing valid user info

$filename = "/path/to/file.txt";
$fp = fopen($filename, "r");
$file_contents = fread($fp, filesize($filename));
fclose($fp);

// Place each line in user info file into an array

$line = explode("n", $file_contents);

// For as long as $i is <= the size of the $line array,
// explode each array element into a username and password pair

$i = 0;

while($i <= sizeof($line)) {
$data_pair = explode(":", $line[$i]);

if (($data_pair[0] == "$PHP_AUTH_USER") && ($data_pair[1] ==
"$PHP_AUTH_PW")) {
$auth = 1;
break;
} else {
$auth = 0;
}
$i++;
}

if ($auth == "1") {

echo "You're authorized!";
exit;

} else {

header('WWW-Authenticate: Basic realm="My Private Stuff"');
header('HTTP/1.0 401 Unauthorized');
echo 'Authorization Required.';
exit;

}
}
?>
[/code]

file.txt:
=========

<BLOCKQUOTE>code:<HR><pre>

guest:guest
[/code]

------------------

July 7th, 2000, 08:18 AM

Robert_J_Sherman

Guest

Posts: n/a
Time spent in forums:
Reputation Power:

First, let me say that you only need to check and see if that authuser and password is not set...

if (!isset()) {
header();
header();
exit;
} else {
They're authorized
}

In short, you only need to check once per browser session..

understand the above isn't perfect, it's a quickly thrown up example.

------------------
SnR Graphics,
Low Cost Hosting and Web Development.

July 7th, 2000, 11:10 AM

firepages

Contributing User

Join Date: Feb 2000

Location: Perth West Australia

Posts: 757

Time spent in forums: 4 h 18 m 32 sec
Reputation Power: 14

Hi muppet - you will have to lever this into your code - Here we fetch the text line by line (taken straight from the manual) as it is more efficient, we break the loop when a match is found.

<?php
$fd = fopen("passtest.txt", "r");
while (!feof($fd)) {
$buffer = fgets($fd, 4096);
$split=explode(",",$buffer);
if($split[0]==$PHP_AUTH_USER && chop($split[1])==$PHP_AUTH_PW){$gotit=1;break;}
}
fclose($fd);
if($gotit==1){echo " username $user and password $pass are valid";}else {echo " username $user and password $pass are not valid";}
?>

I think the problem is solved by the chop() fuction which clears the whitespace from the password - without the chop() - the code was not working all the time - give it a try - I was using a textfile as below.

1,mary
2,john
3,bill
4,arthur
5,elsie

The rest of your code is fine and would Authenticate once only as it is.

------------------
Simon Wheeler
FirePages -DHTML/PHP/MySQL

July 10th, 2000, 02:07 AM

The_Net_Muppet

Contributing User

Join Date: Jun 2000

Location: England

Posts: 471

Time spent in forums: 6 Days 17 h 39 m 8 sec
Reputation Power: 27

Thank you for your reply,

How will the entire script look like?, also how will I place the users passwords on the file.txt?

eg.

,mary:mypassqordhere

July 10th, 2000, 06:15 AM

firepages

Contributing User

Join Date: Feb 2000

Location: Perth West Australia

Posts: 757

Time spent in forums: 4 h 18 m 32 sec
Reputation Power: 14

you should be able to see where this fits in

} else if (isset($PHP_AUTH_USER)) { // If non-empty, open file containing valid user info ######## FROM HERE
$auth=0;
$fd = fopen("passtest.txt", "r");
while (!feof($fd)) {
$buffer = fgets($fd, 4096);
$split=explode(",",$buffer);
if($split[0]==$PHP_AUTH_USER && chop($split[1])==$PHP_AUTH_PW){$auth=1;break;}
}
fclose($fd);//######## TO HERE ####
if ($auth == "1") {echo "You're
authorized!"; exit;

} else {
header('WWW-Authenticate: Basic realm="My Private Stuff"');

Mind you I have not tested this yet but it should work fine.

This assumes you have a password file called passtest.txt (.inc would be better .php3 even more so) if you use .txt extension - give it an obscure name one that is hard to guess

the text in the file needs to be:

username,password
username,password

etc no space at the begining , just a comma seperator nothing else at the end.

As for adding entries - do the first one manually - then check out the PHP mannual under fopen() fputs() fread() etc - if you get really stuck post here again.

------------------
Simon Wheeler
FirePages -DHTML/PHP/MySQL

July 10th, 2000, 06:47 AM

The_Net_Muppet

Contributing User

Join Date: Jun 2000

Location: England

Posts: 471

Time spent in forums: 6 Days 17 h 39 m 8 sec
Reputation Power: 27

Hello Simon,

Thank you for the reply, I will take a look at this when I get some time tonight. have a good day.

---------

Darren

July 11th, 2000, 07:21 AM

The_Net_Muppet

Contributing User

Join Date: Jun 2000

Location: England

Posts: 471

Time spent in forums: 6 Days 17 h 39 m 8 sec
Reputation Power: 27

Hi, this is my new code. it crashes on on line 59, can anyone help?

Thanks for the time
<BLOCKQUOTE>code:<HR><pre>

<?php
// File Name: new.php

// Check to see if $PHP_AUTH_USER already contains info
if (!isset($PHP_AUTH_USER)) {
// If empty, send header causing dialog box to appear
header('WWW-Authenticate: Basic realm="My Private Stuff"');
header('HTTP/1.0 401 Unauthorized');
exit;
} else if (isset($PHP_AUTH_USER)) {
} else if (isset($PHP_AUTH_USER)) {

}

// start

$auth=0;
$fd = fopen("http://localhost/passtest.txt", "r");
while (!feof($fd)) {
$buffer = fgets($fd, 4096);
$split=explode(",",$buffer);
if($split[0]==$PHP_AUTH_USER && chop($split[1])==$PHP_AUTH_PW){$auth=1;break;}
}
fclose($fd);

// end

// Place each line in user info file into an array
$split = explode("n", $file_contents);
// For as long as $i is <= the size of the $line array,
// explode each array element into a username and password pair

$i = 0;
while($i <= sizeof($line)) {
$data_pair = explode(":", $split[$i]);
if (($data_pair[0] == "$PHP_AUTH_USER") && ($data_pair[1] ==
"$PHP_AUTH_PW")) {
$auth = 1;
break;
} else {
$auth = 0;
}
$i++;
}
if ($auth == "1") {
echo "You're authorized!";
exit;
} else {
header('WWW-Authenticate: Basic realm="My Private Stuff"');
header('HTTP/1.0 401 Unauthorized');
echo 'Authorization Required.';
exit;
}
}
?>

[/code]

July 11th, 2000, 12:32 PM

firepages

Contributing User

Join Date: Feb 2000

Location: Perth West Australia

Posts: 757

Time spent in forums: 4 h 18 m 32 sec
Reputation Power: 14

<?php
//File Name: auth03.php
// Check to see if $PHP_AUTH_USER already contains info
if (!isset($PHP_AUTH_USER)) {// If empty, send header causing dialog box to appear header('WWW-Authenticate: Basic realm="My Private Stuff"'); header('HTTP/1.0 401 Unauthorized'); exit; }
else if (isset($PHP_AUTH_USER)) {// If non-empty, open file containing valid user info$auth=0;
$fd = fopen("passtest.txt", "r");
while (!feof($fd)) {
$buffer = fgets($fd, 4096);
$split=explode(",",$buffer);
if($split[0]==$PHP_AUTH_USER && chop($split[1])==$PHP_AUTH_PW){$auth=1;break;}
}
fclose($fd);
if ($auth == "1") { echo "You're authorized!"; exit; } else { header('WWW-Authenticate: Basic realm="My Private Stuff"'); header('HTTP/1.0 401 Unauthorized'); echo 'Authorization Required.'; exit; } }?>

------------------
Simon Wheeler
FirePages -DHTML/PHP/MySQL

[This message has been edited by firepages (edited July 11, 2000).]

user authentication help required:(

Developer Shed Advertisers and Affiliates