WWW Authenticate

gamehack

Hello all,

First, here's the code:

<?php

   header('WWW-Authenticate: Basic Realm="Secure Area"');
   header('HTTP/1.0 401 Unauthorized');
   if($HTTP_SERVER_VARS['PHP_AUTH_USER'] == 'gamehack' || $HTTP_SERVER_VARS['PHP_AUTH_PW'] == 'gamehack') {
   header('HTTP/1.0 200 OK');
   echo "<p>Hello {$HTTP_SERVER_VARS['PHP_AUTH_USER']}.</p>";
   echo "<p>You entered {$HTTP_SERVER_VARS['PHP_AUTH_PW']} as your password.</p>";
   }
    else
   {
    echo 'The other branch!';
   }

?>

Most of the code is working ok, but there's only 1 thing I could not understand:
1. The dialog is asking for the password infinitevely. I tried adding additional code for counting the attempts but it just didn't work. Can anyone suggest a solution?

Thank very much,
gamehack

devinemke

the number of times the dialog will ask for the password i believe is entirely up the browser. for exmaple: in IE the user is prompted 3 times. in Firefox the user is prompted infinitevely.

gamehack

Thanks 🙂