PHP网页安全认证的实例详解
不基于数据库:
<?php //unset($_SERVER['PHP_AUTH_USER']); $strAuthUser= $_SERVER['PHP_AUTH_USER']; $strAuthPass= $_SERVER['PHP_AUTH_PW']; if (! ($strAuthUser == "a" && $strAuthPass == "a")) { header('WWW-Authenticate: Basic realm="wly"'); header('HTTP/1.0 401 Unauthorized'); echo "用户验证!!"; exit; } else { echo "验证通过"; header("location:http://www.baidu.com"); //unset($_SERVER['PHP_AUTH_USER']); } ?>
基于数据库:
<?php function authenticate_user() { header('WWW-Authenticate: Basic realm="Secret Stash"'); header("HTTP/1.0 401 Unauthorized"); exit; } if (! isset($_SERVER['PHP_AUTH_USER'])) { authenticate_user(); } else { mysql_pconnect("localhost","authenticator","secret") or die("Can't connect to database server!"); mysql_select_db("java2s") or die("Can't select authentication database!"); $query = "SELECT username, pswd FROM user WHERE username='$_SERVER[PHP_AUTH_USER]' AND pswd=MD5('$_SERVER[PHP_AUTH_PW]')"; $result = mysql_query($query); // If nothing was found, reprompt the user for the login information. if (mysql_num_rows($result) == 0) { authenticate_user(); } } ?>
如有疑问请留言或者到本站社区交流讨论,感谢阅读,希望能帮助到大家,谢谢大家对本站的支持!