#1
  1. No Profile Picture
    Junior Member
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2003
    Posts
    3
    Rep Power
    0

    Question http authentication - stupid question...


    OK. I think the answer is no....

    Is it possible with http authentication (ie, .htaccess stuff) to submit the login name and password via a form instead of the browser popup box?

    I've seen one perl form that does it, but got no joy when trying to pick it apart...

    Any polite suggestions welcome...

    ? ? ?
  2. #2
  3. No Profile Picture
    Contributing User
    Devshed Regular (2000 - 2499 posts)

    Join Date
    Jan 2003
    Location
    No es importante
    Posts
    2,065
    Rep Power
    14
    You can use https and a form.
  4. #3
  5. No Profile Picture
    Junior Member
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2003
    Posts
    3
    Rep Power
    0
    Sorry - as you've probably guessed, I know nothing about hhtp authentication.
    I've tried making a form, with the destination (protected url) as the "action" of the form, and passing the variables "username" and "password". This didn't work and I've looked everywhere to find out what will. Can you let me know what I'm doing wrong?
    What should the variable names be for the username and password? - this is the kind of stuff I'm trying to find out.
  6. #4
  7. No Profile Picture
    Junior Member
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2003
    Posts
    2
    Rep Power
    0

    Exclamation the ANSWER


    I might think this is the answer, let me know when it doesn't !



    <?
    /**
    * Class for handling htaccess of Apache
    * @author Agraphobia for Devshed.com
    * @include Funktion:_include_
    */
    class htaccess{
    var $fHtaccess=""; // path and filename for htaccess file
    var $fHtgroup=""; // path and filename for htgroup file
    var $fPasswd="";// path and filename for passwd file
    var $authType="Basic"; // Default authentification type
    var $authName="Internal area"; // Default authentification name
    /**
    * Initialising class htaccess
    */
    function htaccess(){
    }
    /**
    * Sets the filename and path of .htaccess to work with
    * @param string $filenamethe name of htaccess file
    */
    function setFHtaccess($filename){
    $this->fHtaccess=$filename;
    }
    /**
    * Sets the filename and path of the htgroup file for the htaccess file
    * @param string $filenamethe name of htgroup file
    */
    function setFHtgroup($filename){
    $this->fHtgroup=$filename;
    }
    /**
    * Sets the filename and path of the password file for the htaccess file
    * @param string $filenamethe name of htgroup file
    */
    function setFPasswd($filename){
    $this->fPasswd=$filename;
    }
    /**
    * Adds a user to the password file
    * @param string $username Username
    * @param string $password Password for Username
    * @param string $groupGroupname for User (optional)
    * @return boolean $created Returns true if user have been created otherwise false
    */
    function addUser($username,$password,$group){
    // checking if user already exists
    $file=@fopen($this->fPasswd,"r");
    $isAlready=false;
    while($line=@fgets($file,200)){
    $lineArr=explode(":",$line);
    if($username==$lineArr[0]){
    $isAlready=true;
    }
    }
    if($isAlready==false){
    $file=fopen($this->fPasswd,"a");
    $password=crypt($password);
    $newLine=$username.":".$password."\n";
    fputs($file,$newLine);
    fclose($file);
    return true;
    }else{
    return false;
    }
    }
    /**
    * Adds a group to the htgroup file
    * @param string $groupname Groupname
    */
    function addGroup($groupname){
    $file=fopen($this->fHtgroup,"a");
    fclose($file);
    }
    /**
    * Deletes a user in the password file
    * @param string $username Username to delete
    * @return boolean $deletedReturns true if user have been deleted otherwise false
    */
    function delUser($username){
    // Reading names from file
    $file=fopen($path.$this->fPasswd,"r");
    $i=0;
    while($line=fgets($file,200)){
    $lineArr=explode(":",$line);
    if($username!=$lineArr[0]){
    $newUserlist[$i][0]=$lineArr[0];
    $newUserlist[$i][1]=$lineArr[1];
    $i++;
    }else{
    $deleted=true;
    }
    }
    fclose($file);
    // Writing names back to file (without t
    // he user to delete)
    $file=fopen($path.$this->fPasswd,"w");
    for($i=0;$i<count($newUserlist);$i++){
    fputs($file,$newUserlist[$i][0].":".$newUserlist[$i][0]."\n");
    }
    fclose($file);
    if($deleted==true){
    return true;
    }else{
    return false;
    }
    }
    /**
    * Returns an array of all users in a password file
    * @return array $users All usernames of a password file in an array
    * @see setFPasswd()
    */
    function getUsers(){
    }
    /**
    * Sets a password to the given username
    * @param string $username The name of the User for changing password
    * @param string $password New Password for the User
    * @return boolean $isSet Returns true if password have been set
    */
    function setPasswd($username,$new_password){
    // Reading names from file
    $newUserlist="";
    $file=fopen($this->fPasswd,"r");
    $x=0;
    for($i=0;$line=fgets($file,200);$i++){
    $lineArr=explode(":",$line);
    if($username!=$lineArr[0] && $lineArr[0]!="" && $lineArr[1]!=""){
    $newUserlist[$i][0]=$lineArr[0];
    $newUserlist[$i][1]=$lineArr[1];
    $x++;
    }else if($lineArr[0]!="" && $lineArr[1]!=""){
    $newUserlist[$i][0]=$lineArr[0];
    $newUserlist[$i][1]=crypt($new_password)."\n";
    $isSet=true;
    $x++;
    }
    }
    fclose($file);
    unlink($this->fPasswd);
    /// Writing names back to file (with new
    // password)
    $file=fopen($this->fPasswd,"w");
    for($i=0;$i<count($newUserlist);$i++){
    $content=$newUserlist[$i][0].":".$newUserlist[$i][1];
    fputs($file,$content);
    }
    fclose($file);
    if($isSet==true){
    return true;
    }else{
    return false;
    }
    }
    /**
    * Sets the Authentification type for Login
    * @param string $authtype Authentification type as string
    */
    function setAuthType($authtype){
    $this->authType=$authtype;
    }
    /**
    * Sets the Authentification Name (Name of the login area)
    * @param string $authname Name of the login area
    */
    function setAuthName($authname){
    $this->authName=$authname;
    }
    /**
    * Writes the htaccess file to the given Directory and protects it
    * @see setFhtaccess()
    */
    function addLogin(){
    $file=fopen($this->fHtaccess,"w+");
    fputs($file,"Order allow,deny\n");
    fputs($file,"Allow from all\n");
    fputs($file,"AuthType".$this->authType."\n");
    fputs($file,"AuthUserFile".$this->fPasswd."\n\n");
    fputs($file,"AuthName\"".$this->authName."\"\n");
    fputs($file,"require valid-user\n");
    fclose($file);
    }
    /**
    * Deletes the protection of the given directory
    * @see setFhtaccess()
    */
    function delLogin(){
    unlink($this->fHtaccess);
    }
    }
    ?>

    Hope it wil work

    Grtz Agraphobia
    Last edited by Agraphobia; August 11th, 2003 at 06:42 AM.
  8. #5
  9. No Profile Picture
    Junior Member
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2003
    Posts
    2
    Rep Power
    0

    Talking Maybe more easier


    I think this script is more intresting ?
    intresting link:
    http://www.planet-source-code.com


    <?
    /*Author Agraphobia for forums.devshed.com*/

    if(($PHP_AUTH_USER == "Agra") AND ($PHP_AUTH_PW == "phobia"))
    {
    print("<HTML>\n");
    print("<HEAD>\n");
    print("<TITLE>Welcome to Members Area</TITLE>\n");
    print("</HEAD>\n");
    print("<BODY>\n");
    print("You have logged in successfully!<BR>\n");
    $username = "Agraphobia";
    $email = "Agraphobia@....com";
    $mailsubject = "$PHP_AUTH_USER has logged in ";
    $Fromname = "Agraphobia";
    $Fromaddress = "Agraphobia";

    $today = date("g:i a");
    $time=$today;
    $x= date("U");
    $m = date("M");
    $x1 =date(" dS, F Y",$x);
    $msg = "This is to inform System Administrator That $PHP_AUTH_USER had logged in with $PHP_AUTH_PW as password on $x1 ";
    if (mail($username." <".$email.">", $mailsubject, $msg, "From: ".$Fromname." <".$Fromaddress.">\nContent-Type: text/html; charset=iso-8859-1"))
    {
    print ("Mail Sent To $username<br><br>");
    print ($msg);
    }
    else
    {
    print ("Mail Dead");
    }
    print("</BODY>\n");
    print("</HTML>\n");
    }
    else
    {
    header("WWW-Authenticate: Basic realm=\"Protected Area Members Only\"");
    header("HTTP/1.0 401 Unauthorized");
    print("This page is protected by HTTP Authentication.<br>\n");
    print("<B>Agra</B> for the username, and phobia is password ");
    }
    ?>


    Grtz Agraphobia
    Last edited by Agraphobia; August 11th, 2003 at 06:42 AM.
  10. #6
  11. No Profile Picture
    Junior Member
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2003
    Posts
    3
    Rep Power
    0
    Thanks for the replies - will have to look at these tomorrow - am a little swamped at the mo'. Will let you know how it went.

    Cheers, paul.

IMN logo majestic logo threadwatch logo seochat tools logo