Basic Security
<?php
// START FILE: security.php
session_start();
$errorlogin = "Authentication Required"; // Text to display when login error
$basicrealm = "Private Stuff"; // Displayed text on login form
$authentication = Array (1=>Array("user1", "pass1"), // User and Pass for User-1
2=>Array("user2", "pass2"), // User and Pass for User-2
3=>Array("user3", "pass3"));// User and Pass for User-3
class security {
var $authentication = Array();
var $errorlogin;
var $basicrealm;
function security() {
global $authentication, $errorlogin, $basicrealm;
$this->authentication = $authentication;
$this->errorlogin = $errorlogin;
$this->basicrealm = $basicrealm;
}
function secureMe() {
global $_SESSION, $PHP_AUTH_USER, $PHP_AUTH_PW;
if (trim($PHP_AUTH_USER)!=""&&trim($PHP_AUTH_PW)!="") {
if($this->checkLogin($PHP_AUTH_USER, $PHP_AUTH_PW)) return true;
}
if (!$_SESSION||$_SESSION["passed"]!="") {
$this->showLogin();
return false;
}
}
function showLogin() {
global $login_error, $realms;
header('WWW-Authenticate: Basic realm='.$this->basicrealm);
header('HTTP/1.0 401 Unauthorized');
print $this->errorlogin;
exit();
}
function checkLogin($username, $password) {
for($i=0;$i<count($this->authentication);$i++) {
if($username == $this->authentication[$i][0] &&
$password == $this->authentication[$i][1]) {
$j++;
}
}
if($j!=0) return true;
}
};
// END FILE: security.php
?>
Put the line below on the top of the page you wish to secured.
<?php
require_once("./security.php");
$security = new security;
if($security->secureMe()) $passed = "true"; session_register('passed');
?>
