Hi,
today I played aroung with the HTTP authentification functionality of PHP. The goal was to write an adminscript where the user has to enter username and password in the normal user authentification manner.
Now, because I wrote the functionality part of this script in OO style, I also wanted to perform here also in OO style. But I failed.
I came along with this:
index.php:
<?php
adminuser='admin';
adminpass='password';
include_once('./admin.class.php');
$obj = new Admin($adminuser, $adminpass);
echo "Logged in";
?>
admin.class.php:
<?php
class Admin {
var $adminpass='';
var $adminuser='';
function Admin ($adminuser, $adminpass) {
global $PHP_AUTH_USER, $PHP_AUTH_PW;
$this->adminpass = $adminpass;
$this->adminuser = $adminuser;
if (isset($PHP_AUTH_USER) {
if ( $PHP_AUTH_USER != $this->adminuser || empty($PHP_AUTH_USER)) {
$this->adminLogin();
}
if ( $PHP_AUTH_PW != $this->adminpass || empty($PHP_AUTH_PW)){
$this->adminLogin();
}
} else {
$this->adminLogin();
}
}
function adminLogin() {
Header( "WWW-Authenticate: Basic realm=\"Test Authentication System\"");
Header( "HTTP/1.0 401 Unauthorized");
echo "You must enter a valid login ID and password to access this resource\n";
exit;
}
}
?>
(Don't look to much onto typos or ot closed brackets, I wrote this from mind)
What happens: I always get the login window even when I type in the correct username and password, the user never get authentificated.
What I'm doing wrong?
I tested a version straight ahead in the index.php which works, but doesn't satisfy me (I'm that kind of scripter which wants to know more than one way).
I also tried a similar version like used in phpMyAdmin, but didn't got the same result.
I'm out of ideas, maybe one of you might have one.
Thanks for any suggestion. Regards, Thomas
