PHP网页安全认证的实例详解

这篇文章主要介绍了PHP网页安全认证的实例详解的相关资料,这里提供了两种实现方法,一种基于数据库另一种不基于数据库的方法,希望通过本能帮助到大家,需要的朋友可以参考下

PHP网页安全认证的实例详解

不基于数据库:

  1. <?php
  2. //unset($_SERVER['PHP_AUTH_USER']);
  3. $strAuthUser= $_SERVER['PHP_AUTH_USER'];
  4. $strAuthPass= $_SERVER['PHP_AUTH_PW'];
  5. if (! ($strAuthUser == "a" && $strAuthPass == "a")) {
  6. header('WWW-Authenticate: Basic realm="wly"');
  7. header('HTTP/1.0 401 Unauthorized');
  8. echo "用户验证!!";
  9. exit;
  10. } else {
  11. echo "验证通过";
  12. header("location:http://www.baidu.com");
  13. //unset($_SERVER['PHP_AUTH_USER']);
  14. }
  15. ?>

基于数据库:

  1. <?php
  2. function authenticate_user() {
  3. header('WWW-Authenticate: Basic realm="Secret Stash"');
  4. header("HTTP/1.0 401 Unauthorized");
  5. exit;
  6. }
  7. if (! isset($_SERVER['PHP_AUTH_USER'])) {
  8. authenticate_user();
  9. } else {
  10. mysql_pconnect("localhost","authenticator","secret") or die("Can't connect to database server!");
  11. mysql_select_db("java2s") or die("Can't select authentication database!");
  12. $query = "SELECT username, pswd FROM user WHERE username='$_SERVER[PHP_AUTH_USER]' AND pswd=MD5('$_SERVER[PHP_AUTH_PW]')";
  13. $result = mysql_query($query);
  14. // If nothing was found, reprompt the user for the login information.
  15. if (mysql_num_rows($result) == 0) {
  16. authenticate_user();
  17. }
  18. }
  19. ?>