php Basic HTTP与Digest HTTP 应用
2024-08-30 11:35:34
Basic HTTP 认证范例
<?php
//Basic HTTP 认证
if (!isset($_SERVER['PHP_AUTH_USER'])) {
header('WWW-Authenticate: Basic realm="test"');
header('HTTP/1.0 401 Unauthorized');
} else {
if($_SERVER['PHP_AUTH_USER']=='admin' && $_SERVER['PHP_AUTH_PW']=='123456'){
echo "<p>HI {$_SERVER['PHP_AUTH_USER']}.</p>";
echo "<p>恭喜你登录成功!</p>";
}else{
header('WWW-Authenticate: Basic realm="test"');
header('HTTP/1.0 401 Unauthorized');
}
}
?>
Digest HTTP 认证范例
<?php
$realm = 'Restricted area'; $username = 'ser'; //帐号
$passowrd = '666666'; //密码 if (empty($_SERVER['PHP_AUTH_DIGEST'])) {
header('HTTP/1.1 401 Unauthorization Required'); //此头弹出登录窗口
header('WWW-Authenticate: Digest realm="'.$realm.'",qop="auth", nonce="'.uniqid().'", opaque="'.md5($realm).'"');
die('您取消了本次登录,若重新登录,请刷新此页面。');
}else{ //使用函数http_digest_parse解析验证信息
if (!($data = http_digest_parse($_SERVER['PHP_AUTH_DIGEST'])) || $data['username']!=$username){
header("HTTP/1.1 401 Unauthorization Required");
header('WWW-Authenticate: Digest realm="'.$realm.'",qop="auth", nonce="'.uniqid().'", opaque="'.md5($realm).'"');//IE 8 需要重新发送,不然不弹窗
die('账号错误!');
} //拼接字符串
$A1 = md5($username . ':' . $realm . ':' . $passowrd);
$A2 = md5($_SERVER['REQUEST_METHOD'].':'.$data['uri']);
$valid_response = md5($A1.':'.$data['nonce'].':'.$data['nc'].':'.$data['cnonce'].':'.$data['qop'].':'.$A2); if ($data['response'] != $valid_response){
header("HTTP/1.1 401 Unauthorization Required");
header('WWW-Authenticate: Digest realm="'.$realm.'",qop="auth", nonce="'.uniqid().'", opaque="'.md5($realm).'"');
die('账号/密码错误!');
} echo 'Hi '.$username.',恭喜你登录成功!';
} // 解析字符串方法
function http_digest_parse($txt)
{
// protect against missing data
$needed_parts = array('nonce'=>1, 'nc'=>1, 'cnonce'=>1, 'qop'=>1, 'username'=>1, 'uri'=>1, 'response'=>1);
$data = array(); preg_match_all('@(\w+)=([\'"]?)([a-zA-Z0-9=./\_-]+)\2@', $txt, $matches, PREG_SET_ORDER);
//print_r($matches);
foreach ($matches as $m) {
$data[$m[1]] = $m[3];
unset($needed_parts[$m[1]]);
} return $needed_parts ? false : $data;
}
?>
最新文章
- MVC4做网站后台:用户管理 &mdash;用户
- 【POJ2778】DNA Sequence(AC自动机,DP)
- gulp详细入门教程(转载)
- __new__
- [转]PDF预览插件PDFObject.js
- EntityFramework 6.0<; Code First >; 连接 Mysql数据库
- nginx端口被占用解决方案
- openstack neutron 各节点网络配置
- 学习微软中间语言(MSIL)的绝佳工具 Dotnet IL Editor 推荐
- JavaScript 运行机制详解:深入理解Event Loop
- div光标定位问题总结
- Vmware(vmdk)虚拟机到hyperv(vhd)虚拟机转换
- HourRank 20
- Hibernate与Mybatis的比较
- 【Linux】【Apatch Tomcat】Linux、CentOS7安装最新版Apartch Tomcat环境
- pc端字体大小自适应几种方法
- 【C/C++】数组 &; 指针
- 将lvm逻辑卷分出一部分
- hystrix参数详解
- Nifi flow 备份恢复