PHP Authentication (centos)

deco · **deco**, WDF Noob Private message

The way the site is configured now, the user access a certain part of the webpage, and they get a pop-up prompting them for user/pw. I really don't like popups so I want to get rid of it. My solution is to have them login via form. The code I am using work and forwards them to the appropriate page, but when they are forwarded the popup still comes up. But they have already entered their authentication information.

This is the code I'm using that I found online. I get it, but I don't understand how to get the popup to stop coming up. So I pose my question: How do I get the pop-up to stop coming up?

PHP How do I post PHP blocks?

$f_user = $_REQUEST['user']; $f_pass = $_REQUEST['pw']; // login.php - performs validation // authenticate using form variables $status = authenticate($f_user, $f_pass); // if user/pass combination is correct if ($status == 1) { // initiate a session session_start(); // register some session variables session_register("SESSION"); // including the username session_register("SESSION_UNAME"); $SESSION_UNAME = $f_user; // redirect to protected page header("Location: members/index.html"); // exit(); } else // user/pass check failed { // redirect to error page header("Location: /error.php?e=$status"); //exit(); } // authenticate username/password against /etc/passwd // returns: -1 if user does not exist // 0 if user exists but password is incorrect // 1 if username and password are correct endif; function authenticate($user, $pass) { $result = -1; // make sure that the script has permission to read this file! $data = file("passwd"); // iterate through file foreach ($data as $line) { $arr = explode(":", $line); // if username matches // test password echo $arr[0]; if (trim($arr[0]) === trim($user)) { // get salt and crypt() $salt = substr($arr[1], 0, 2); // if match, user/pass combination is correct // return 1 if (trim($arr[1]) === trim(crypt($pass, $salt))) { $result = 1; break; } // otherwise return 0 else { $result = 0; break; } } } // return value return $result; }

*mlseim* · ***mlseim***, WDF Moderator Private message

I'm just guessing here, but I think that the pop-up you're seeing is because
of a directory protected with .htaccess type of password. This is not part
of your scripts or web pages, but a part of the directory ... either created
by you or within your webhost's control panel "directory protection" settings.

Something like this is in place?
http://www.elated.com/articles/passw...with-htaccess/

***smoseley*** · Posted **June 3 '09** at **12:28 PM**

FYI, you can use a web form to control HTTP authentication, but the code will have to be Javascript based, and will have to persist the username and password on the client.

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Top 21 PHP Programming mistakes	thexchord	PHP	18	March 10 '10 09:52 AM
Php code problems	longstand	PHP	2	October 9 '07 08:17 AM
PHP and MySQL issues: PHP not loading extensions!!	darknailblue	PHP	5	January 2 '07 09:02 PM
php vs. cfm	gar598	PHP	1	April 2 '04 12:49 PM
Basic PHP Uploads Tutorial	thexchord	Coding Articles & Tutorials	2	May 2 '02 09:28 PM