current community

your communities

more stack exchange communities

Stack Exchange
tour help
careers 2.0
Take the 2-minute tour ×
Stack Overflow is a question and answer site for professional and enthusiast programmers. It's 100% free, no registration required.
up vote 1 down vote favorite

I was always using an authentication on PHP that worked perfectly. Looks like this:

function login()
{
    header('WWW-Authenticate: Basic realm="Acceso restringido."');
    header('HTTP/1.0 401 Unauthorized');
    echo "Acceso restringido.\n";
    exit;
}


if (!isset($_SERVER['PHP_AUTH_USER'])) {
    login();
} else {
    if ($_SERVER['PHP_AUTH_USER'] == 'test' && $_SERVER['PHP_AUTH_PW'] == 'test1') {
   } else {
        login();
    }
}

However, I changed hosts to ipage.com and now I get the user/pass prompt window but it never takes the user/pass assigned. It keeps on prompting for user/pass.

I read something about CGI but did not get whether this method is not usable in PHP configured as CGI. Is there any alternative?

share|improve this question
1  
I think it is a serious security issue that you have the credentials right in the php-code! You should either use bcrypt or use authentication through .htaccess. –  Lars Ebert Jul 17 '13 at 15:08
2  
do a var_dump($_SERVER) to see what you're getting in those two server vars. PHP in cgi mode only has trouble with this stuff if you're running under the IIS web server. –  Marc B Jul 17 '13 at 15:13
    
@MarcB - I var dumped and the PHP_AUTH_USER and PHP_AUTH_PW don't even show as variables... –  samyb8 Jul 17 '13 at 15:19
    
What's your PHP version? –  RandomSeed Jul 17 '13 at 15:24
    
PHP Version 5.2.17 | and API is CGI | and stackoverflow.com/questions/7053306/… –  samyb8 Jul 17 '13 at 15:26

Your Answer

 
discard

By posting your answer, you agree to the privacy policy and terms of service.

Browse other questions tagged or ask your own question.