Just curious as sometimes contacting server admin can take forever. Is there something I can use to test if PHP_Auth is supported and working on my server?

I believe its native as of php4.x

Well, you could write a simple script to test it I suppose. That would tell you if it is in fact supported.

Hope this helps.

okay... so I wrote this:



<?php

$myusername = "user";
$mypassword = "pass";
$areaname = "This shows on the pop up!";

if ($_SERVER["PHP_AUTH_USER"] == "" || $_SERVER["PHP_AUTH_PW"] == "" || $_SERVER["PHP_AUTH_USER"] != $myusername || $_SERVER["PHP_AUTH_PW"] != $mypassword) {
header("HTTP/1.0 401 Unauthorized");
header("WWW-Authenticate: Basic realm=\"$areaname\"");
echo "<h1>Authorization Required.</h1>";
die();
}

?>


well..I didn't write it, just modified it...

I put it on the very top (pre- opening html tag) and then browsed to that page. a passbox poped up. when I entered the correct username and password it didn't show the page, instead the passbox vanished, reappeared and both user and pass inputs were empty.

So... why won't it work? LOL Also.. if I do get it to work, and I wantto use it server wide do I need to make the variable global, or in their own script or do I need to put the whole thing on every page?

watch out for globals, they can get you in trouble,

save it to a session variable

okay.. err.. how? I have about reached the end of my php knowledge and I can't find anything that seems to help through google.

Can you help me write out something?

watch out for globals, they can get you in trouble,

save it to a session variable
There ARE no globals. You don't need to save it as a $_SESSION variable, because the HTTP authentication saves itself on the browser. Meaning, it won't let you logout until you close the browser.

Blizzard, try this script:



<?php
$user='hi';
$pass='hi';
if (!(isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW']) && $_SERVER['PHP_AUTH_USER'] == $user && $_SERVER['PHP_AUTH_PW'] == $pass)) {
header('WWW-Authenticate: Basic realm="Secured Area!!!!"');
header('Status: 401 Unauthorized');
die('<h1>Unauthorized Access</h1>');
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Super Secret Stuff!!!</title>
</head>

<body>
<h1>hi.</h1>
</body>
</html>

Thanks for that, I actually wrote a better working one than I needed. Of course I need to clean it up because I know I have more in there than I need.

But I will keep this one too, I am sure I can use it somewhere!

Thanks!