锟斤拷锟斤拷锟斤拷 header() 锟斤拷锟斤拷锟斤拷锟斤拷突锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷"Authentication Required"锟斤拷息锟斤拷使锟戒弹锟斤拷一锟斤拷锟矫伙拷锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷锟诫窗锟节★拷锟斤拷锟矫伙拷锟斤拷锟斤拷锟矫伙拷锟斤拷锟斤拷锟斤拷锟斤拷螅锟斤拷锟斤拷锟� URL 锟斤拷 PHP 锟脚憋拷锟斤拷锟斤拷锟斤拷锟�预锟斤拷锟斤拷锟斤拷锟� PHP_AUTH_USER锟斤拷PHP_AUTH_PW 锟斤拷 AUTH_TYPE 锟斤拷锟劫次碉拷锟矫o拷锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷锟街憋拷锟借定为锟矫伙拷锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷锟街わ拷锟斤拷汀锟皆わ拷锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷 $_SERVER 锟斤拷锟斤拷锟叫★拷支锟斤拷"Basic"锟斤拷"Digest"锟斤拷锟斤拷 PHP 5.1.0 锟斤拷锟斤拷证锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷锟� header() 锟斤拷锟斤拷锟皆伙拷取锟斤拷锟斤拷锟斤拷息锟斤拷
锟斤拷锟斤拷锟斤拷锟斤拷页锟斤拷锟斤拷强锟饺客伙拷锟斤拷锟斤拷证锟侥脚憋拷锟斤拷锟斤拷锟斤拷
Example #1 Basic HTTP 锟斤拷证锟斤拷锟斤拷
<?php
if (!isset($_SERVER['PHP_AUTH_USER'])) {
header('WWW-Authenticate: Basic realm="My Realm"');
header('HTTP/1.0 401 Unauthorized');
echo 'Text to send if user hits Cancel button';
exit;
} else {
echo "<p>Hello {$_SERVER['PHP_AUTH_USER']}.</p>";
echo "<p>You entered {$_SERVER['PHP_AUTH_PW']} as your password.</p>";
}
?>
Example #2 Digest HTTP 锟斤拷证锟斤拷锟斤拷
锟斤拷锟斤拷锟斤拷示锟斤拷锟斤拷实锟斤拷一锟斤拷锟津单碉拷 Digest HTTP 锟斤拷证锟脚憋拷锟斤拷锟斤拷锟斤拷锟斤拷息锟斤拷慰锟� » RFC 2617锟斤拷
<?php
$realm = 'Restricted area';
//user => password
$users = array('admin' => 'mypass', 'guest' => 'guest');
if (empty($_SERVER['PHP_AUTH_DIGEST'])) {
header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: Digest realm="'.$realm.
'",qop="auth",nonce="'.uniqid().'",opaque="'.md5($realm).'"');
die('Text to send if user hits Cancel button');
}
// analyze the PHP_AUTH_DIGEST variable
if (!($data = http_digest_parse($_SERVER['PHP_AUTH_DIGEST'])) ||
!isset($users[$data['username']]))
die('Wrong Credentials!');
// generate the valid response
$A1 = md5($data['username'] . ':' . $realm . ':' . $users[$data['username']]);
$A2 = md5($_SERVER['REQUEST_METHOD'].':'.$data['uri']);
$valid_response = md5($A1.':'.$data['nonce'].':'.$data['nc'].':'.$data['cnonce'].':'.$data['qop'].':'.$A2);
if ($data['response'] != $valid_response)
die('Wrong Credentials!');
// ok, valid username & password
echo 'You are logged in as: ' . $data['username'];
// function to parse the http auth header
function http_digest_parse($txt)
{
// protect against missing data
$needed_parts = array('nonce'=>1, 'nc'=>1, 'cnonce'=>1, 'qop'=>1, 'username'=>1, 'uri'=>1, 'response'=>1);
$data = array();
$keys = implode('|', array_keys($needed_parts));
preg_match_all('@(' . $keys . ')=(?:([\'"])([^\2]+?)\2|([^\s,]+))@', $txt, $matches, PREG_SET_ORDER);
foreach ($matches as $m) {
$data[$m[1]] = $m[3] ? $m[3] : $m[4];
unset($needed_parts[$m[1]]);
}
return $needed_parts ? false : $data;
}
?>
Note: 锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷
锟节憋拷写 HTTP 锟斤拷头锟斤拷锟斤拷时锟斤拷锟斤拷锟叫★拷摹锟轿拷硕锟斤拷锟斤拷械目突锟斤拷吮锟街わ拷锟斤拷锟斤拷裕锟斤拷丶锟斤拷锟�"Basic"锟侥碉拷一锟斤拷锟斤拷母锟斤拷锟斤拷锟叫次�"B"锟斤拷锟街斤拷锟街凤拷锟斤拷锟斤拷锟斤拷锟斤拷双锟斤拷锟脚o拷锟斤拷锟角碉拷锟斤拷锟脚o拷锟斤拷锟矫o拷锟斤拷锟斤拷锟节憋拷头锟斤拷 HTTP/1.0 401 锟叫o拷锟斤拷 401 前锟斤拷锟斤拷锟斤拷锟揭斤拷锟斤拷一锟斤拷锟秸革拷
锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷锟叫o拷锟斤拷锟斤拷只锟斤拷印锟斤拷锟斤拷 PHP_AUTH_USER 锟斤拷 PHP_AUTH_PW 锟斤拷值锟斤拷锟斤拷锟斤拷实锟斤拷锟斤拷锟斤拷锟叫o拷锟斤拷锟斤拷锟斤拷要锟斤拷锟矫伙拷锟斤拷锟斤拷锟斤拷锟斤拷暮戏锟斤拷越锟斤拷屑锟介。锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷菘锟侥诧拷询锟斤拷锟斤拷锟斤拷锟� dbm 锟侥硷拷锟叫硷拷锟斤拷锟斤拷
注锟斤拷锟斤拷些 Internet Explorer 锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷狻o拷锟斤拷员锟酵凤拷锟剿筹拷锟斤拷缘锟斤拷坪锟斤拷械愦得拷锟矫★拷目前锟斤拷锟斤拷锟节凤拷锟斤拷 HTTP/1.0 401 之前锟饺凤拷锟斤拷 WWW-Authenticate 锟斤拷头锟狡猴拷锟斤拷锟皆斤拷锟斤拷锟斤拷锟斤拷狻�
为锟剿凤拷止锟斤拷锟斤拷通锟斤拷锟斤拷写锟脚憋拷锟斤拷锟斤拷锟矫达拷统锟解部锟斤拷锟斤拷锟斤拷证锟斤拷页锟斤拷锟较伙拷取锟斤拷锟诫,锟斤拷锟解部锟斤拷证锟斤拷锟截讹拷页锟斤拷锟斤拷效锟斤拷锟斤拷锟斤拷锟斤拷全模式锟斤拷锟斤拷锟斤拷时锟斤拷PHP_AUTH 锟斤拷锟斤拷锟斤拷锟斤拷锟结被锟斤拷锟矫★拷锟斤拷锟斤拷锟斤拷锟斤拷危锟�REMOTE_USER 锟斤拷锟皆憋拷锟斤拷锟斤拷锟斤拷锟斤拷锟解部锟斤拷证锟斤拷锟矫伙拷锟斤拷锟斤拷丝锟斤拷锟斤拷锟� $_SERVER['REMOTE_USER'] 锟斤拷锟斤拷锟斤拷
Note: 锟斤拷锟斤拷说锟斤拷
PHP 锟斤拷锟角凤拷锟斤拷 AuthType 指锟斤拷锟斤拷锟叫讹拷锟解部锟斤拷证锟斤拷锟斤拷锟角凤拷锟斤拷效锟斤拷
注锟解,锟斤拷锟斤拷然锟斤拷锟杰凤拷止锟斤拷锟斤拷通锟斤拷未锟斤拷证锟斤拷 URL 锟斤拷锟斤拷同一锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷证锟斤拷 URL 锟斤拷偷取锟斤拷锟诫。
Netscape Navigator 锟斤拷 Internet Explorer 锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷盏锟� 401 锟侥凤拷锟斤拷朔锟斤拷锟斤拷锟较⑹憋拷锟斤拷锟斤拷锟叫的憋拷锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷 Windows 锟斤拷证锟斤拷锟芥。锟斤拷锟杰癸拷锟斤拷效锟斤拷注锟斤拷一锟斤拷锟矫伙拷锟斤拷锟斤拷锟斤拷使锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷锟角碉拷锟矫伙拷锟斤拷锟斤拷锟斤拷锟诫。锟斤拷些锟斤拷锟斤拷锟斤拷锟街凤拷锟斤拷锟斤拷使锟斤拷录状态"锟斤拷锟斤拷"锟斤拷锟斤拷锟斤拷锟斤拷为"注锟斤拷"锟斤拷钮锟斤拷锟斤拷应锟斤拷为锟斤拷
Example #3 强锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷锟矫伙拷锟斤拷锟斤拷锟斤拷锟斤拷锟� HTTP 锟斤拷证锟侥凤拷锟斤拷
<?php
function authenticate() {
header('WWW-Authenticate: Basic realm="Test Authentication System"');
header('HTTP/1.0 401 Unauthorized');
echo "You must enter a valid login ID and password to access this resource\n";
exit;
}
if (!isset($_SERVER['PHP_AUTH_USER']) ||
($_POST['SeenBefore'] == 1 && $_POST['OldAuth'] == $_SERVER['PHP_AUTH_USER'])) {
authenticate();
}
else {
echo "<p>Welcome: {$_SERVER['PHP_AUTH_USER']}<br />";
echo "Old: {$_REQUEST['OldAuth']}";
echo "<form action='{$_SERVER['PHP_SELF']}' METHOD='post'>\n";
echo "<input type='hidden' name='SeenBefore' value='1' />\n";
echo "<input type='hidden' name='OldAuth' value='{$_SERVER['PHP_AUTH_USER']}' />\n";
echo "<input type='submit' value='Re Authenticate' />\n";
echo "</form></p>\n";
}
锟斤拷锟斤拷为锟斤拷锟斤拷 HTTP 锟斤拷 Basic 锟斤拷证锟斤拷准锟斤拷说锟斤拷锟斤拷锟角憋拷锟斤拷模锟斤拷锟剿诧拷锟斤拷锟斤拷锟斤拷锟斤拷锟街凤拷锟斤拷锟斤拷锟斤拷 Lynx 锟斤拷锟斤拷锟斤拷牟锟斤拷员锟斤拷锟� Lynx 锟斤拷锟秸碉拷 401 锟侥凤拷锟斤拷朔锟斤拷锟斤拷锟较⑹憋拷锟斤拷锟斤拷锟斤拷锟斤拷证锟侥硷拷锟斤拷锟斤拷锟街灰拷锟斤拷锟街わ拷募锟斤拷募锟斤拷要锟斤拷没锟叫变化锟斤拷只要锟矫伙拷锟斤拷锟�"锟斤拷锟斤拷"锟斤拷钮锟斤拷锟劫碉拷锟�"前锟斤拷"锟斤拷钮锟斤拷锟斤拷原锟斤拷锟斤拷源锟斤拷然锟杰癸拷锟斤拷锟斤拷锟绞★拷锟斤拷锟斤拷锟斤拷锟矫伙拷锟斤拷锟斤拷通锟斤拷锟斤拷"_"锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷堑锟斤拷锟街わ拷锟较拷锟�
为锟斤拷锟杰癸拷使HTTP锟斤拷锟斤拷锟斤拷 IIS 锟斤拷锟斤拷锟斤拷锟斤拷 CGI 模式锟铰★拷 锟斤拷锟斤拷要锟洁辑 IIS锟斤拷锟斤拷锟斤拷"目录锟斤拷全"锟斤拷锟斤拷锟�"锟洁辑"锟斤拷锟斤拷只选锟斤拷"锟斤拷锟斤拷锟斤拷锟斤拷"锟斤拷锟斤拷锟斤拷锟斤拷锟叫的革拷选锟斤拷应锟斤拷锟斤拷锟秸★拷
Note: IIS 注锟斤拷锟斤拷锟斤拷
要 HTTP 锟斤拷证锟杰癸拷锟斤拷 IIS 锟铰癸拷锟斤拷锟斤拷PHP 锟斤拷锟斤拷选锟斤拷 cgi.rfc2616_headers 锟斤拷锟斤拷锟斤拷锟矫筹拷 0锟斤拷默锟斤拷值锟斤拷锟斤拷
Note:
锟斤拷锟�锟斤拷全模式锟斤拷锟斤拷锟筋,锟脚憋拷锟斤拷 UID 锟结被锟接碉拷 WWW-Authenticate 锟斤拷头锟斤拷 realm 锟斤拷锟街★拷