PHP网页安全认证的实例详解
这篇文章主要介绍了PHP网页安全认证的实例详解的相关资料,这里提供了两种实现方法,一种基于数据库另一种不基于数据库的方法,希望通过本能帮助到大家,需要的朋友可以参考下
PHP网页安全认证的实例详解
不基于数据库:
- <?php
- //unset($_SERVER['PHP_AUTH_USER']);
- $strAuthUser= $_SERVER['PHP_AUTH_USER'];
- $strAuthPass= $_SERVER['PHP_AUTH_PW'];
- if (! ($strAuthUser == "a" && $strAuthPass == "a")) {
- header('WWW-Authenticate: Basic realm="wly"');
- header('HTTP/1.0 401 Unauthorized');
- echo "用户验证!!";
- exit;
- } else {
- echo "验证通过";
- header("location:http://www.baidu.com");
- //unset($_SERVER['PHP_AUTH_USER']);
- }
- ?>
基于数据库:
- <?php
- function authenticate_user() {
- header('WWW-Authenticate: Basic realm="Secret Stash"');
- header("HTTP/1.0 401 Unauthorized");
- exit;
- }
- if (! isset($_SERVER['PHP_AUTH_USER'])) {
- authenticate_user();
- } else {
- mysql_pconnect("localhost","authenticator","secret") or die("Can't connect to database server!");
- mysql_select_db("java2s") or die("Can't select authentication database!");
- $query = "SELECT username, pswd FROM user WHERE username='$_SERVER[PHP_AUTH_USER]' AND pswd=MD5('$_SERVER[PHP_AUTH_PW]')";
- $result = mysql_query($query);
- // If nothing was found, reprompt the user for the login information.
- if (mysql_num_rows($result) == 0) {
- authenticate_user();
- }
- }
- ?>