qadenza
Reputation: 9293
page is available using any credentials on php authentication
popup dialog is there but entering any credentials - the page is available
what is the problem ?
if(!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW']) || !$_SERVER['PHP_AUTH_USER'] == 'lorem' || !$_SERVER['PHP_AUTH_PW'] == 'ipsum'){
header('http/1.1 401 Unauthorized');
header('WWW-Authenticate: Basic realm="Wonder Penguin"');
die("Access Denied !");
}
Upvotes: 0
Views: 97
Answers (1)
C3roe
Reputation: 96383
!$_SERVER['PHP_AUTH_USER'] == 'lorem' is wrong, you want
$_SERVER['PHP_AUTH_USER'] != 'lorem' there.
Or you would have to use an additional set of braces there, !($_SERVER['PHP_AUTH_USER'] == 'lorem')
The reason is operator precedence.
Upvotes: 1
Related Questions
- Login form is permitting access with blank user name and password
- PHP login credentials are not being validate even though they are correct
- PHP Blocking access to the login page
- access page only if logged in with php
- authentication not work
- Page accessible only if logged in
- "You must be logged in to access this page" error
- Unauthorized access to webpage
- Page not redirecting properly 3
- Website asking for authentication