Home/ Questions/Q 6071407
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-23T10:02:37+00:00

I’m trying to use some really basic authentication… basically, I want to put my

  • 0

I’m trying to use some really basic authentication… basically, I want to put my site live but have one password that I can send out to a few people so they can access it and not anybody else.

I’ve been trying to use cookies, but I’m relatively inexperienced with them. The code that follows is what I have so far.

At the top of my header. This for some reason doesn’t redirect to authenticate.php

<?php if(!isset($_COOKIE["user"])) header("Location: authenticate.php?invalid=0"); ?>

authenticate.php

<?php
    if($_GET["invalid"] == 1)   {
        echo '<p> Invalid password. </p>';
    }
        echo '<form action="enter.php" method="post">

                <span>Enter the password</span><br />
                <textarea name="mainPass"></textarea>
                <input type="submit" value="Submit!" />
            </form>';

?>

enter.php

<?php
    $pass = $_POST['mainPass'];
    if(strstr($pass, "<password removed>")) {
        setcookie("user", time()+3600);
        header("Location: index.php");
    } else {
        header("Location: authenticate.php?invalid=1    ");
    }
?>
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    quick and dirty. don’t use this for long. does not require any forms. set the username and password hardcoded into the function code itself. you must run the function at the top of every page for this to work.

        // quick and dirty http authentication
    function authenticateHttp() {
        @session_start();
        // credential check
        if (!isset($_SESSION['auth_realm']) || !isset($_SERVER['PHP_AUTH_USER'])) {
            // credentials not supplied yet
            // send http credential request
            $_SESSION['auth_realm'] = uniqid('', true);
            header('WWW-Authenticate: Basic realm="' . $_SESSION['auth_realm'] . '"');
            header('HTTP/1.0 401 Unauthorized');
            // if cancel button clicked, show this
            exit('You must authenticate before accessing this area.');
        } else {
            // credentials supplied
            if ($_SERVER['PHP_AUTH_USER'] !== '{your chosen username}' || $_SERVER['PHP_AUTH_PW'] !== '{your chosen password}') {
                unset($_SESSION['auth_realm']);
                exit('You have entered an invalid login.');
            }
        }
    }
    • 0