I'm redirecting users to a url in the format of:
http://name:[Email Removed]
members.mysite.com uses htaccess for authentication.
I want to test the login url with the specific user's username and
password before I redirect them there. I've tried fopen and seem to
get different results. Is there any other way possible? maybe curl?
Please help. TIA
Full Version: Login test before redirect
neeper wrote:
| QUOTE |
| I'm redirecting users to a url in the format of: http://name:[Email Removed] members.mysite.com uses htaccess for authentication. I want to test the login url with the specific user's username and password before I redirect them there. I've tried fopen and seem to get different results. Is there any other way possible? maybe curl? |
Then you would need to test $_SERVER['PHP_AUTH_USER'] and
$_SERVER['PHP_AUTH_PW'] to verify the credentials.
When your goal is just to open the URL with the credentials, you should use
fsockopen to open the connections and send something like the following to
logon:
fputs($fp, "Authorization: Basic " . base64_encode("username:password") .
"rn");
Be aware that the latest service packs on Windows cause errors when using
this type of URL's in IE.
JW
How do I test the remote site if the login works before presenting it
to the user?
On Tue, 14 Jun 2005 23:04:09 +0200, "Janwillem Borleffs"
<[Email Removed]> wrote:
to the user?
On Tue, 14 Jun 2005 23:04:09 +0200, "Janwillem Borleffs"
<[Email Removed]> wrote:
| QUOTE |
| neeper wrote: I'm redirecting users to a url in the format of: http://name:[Email Removed] members.mysite.com uses htaccess for authentication. I want to test the login url with the specific user's username and password before I redirect them there. I've tried fopen and seem to get different results. Is there any other way possible? maybe curl? Then you would need to test $_SERVER['PHP_AUTH_USER'] and $_SERVER['PHP_AUTH_PW'] to verify the credentials. When your goal is just to open the URL with the credentials, you should use fsockopen to open the connections and send something like the following to logon: fputs($fp, "Authorization: Basic " . base64_encode("username:password") . "rn"); Be aware that the latest service packs on Windows cause errors when using this type of URL's in IE. JW |
neeper wrote:
Please don't TOP Post!
Please don't TOP Post!
| QUOTE |
| How do I test the remote site if the login works before presenting it to the user? |
Quite elementary, Mr. Watson:
$username = 'username';
$password = 'password';
$host = 'host';
$path = '/';
$fp = fsockopen($host, 80);
fputs($fp, "HEAD $path HTTP/1.0rn");
fputs($fp, "Host: $hostrn");
fputs($fp, "Authorization: Basic " .
base64_encode("$username:$password") .
"rnrn");
list(,$response) = explode(" ", fgets($fp, 1024));
fclose($fp);
if ($response == 401) {
// Unauthorized
}
JW
is $response contents of the page, what if the page has a custom error
message with an image without '401' in html. Will the 401 still be
caught as a server error message response?
On Wed, 15 Jun 2005 18:46:06 +0200, Janwillem Borleffs
<[Email Removed]> wrote:
message with an image without '401' in html. Will the 401 still be
caught as a server error message response?
On Wed, 15 Jun 2005 18:46:06 +0200, Janwillem Borleffs
<[Email Removed]> wrote:
| QUOTE |
| neeper wrote: Please don't TOP Post! How do I test the remote site if the login works before presenting it to the user? Quite elementary, Mr. Watson: $username = 'username'; $password = 'password'; $host = 'host'; $path = '/'; $fp = fsockopen($host, 80); fputs($fp, "HEAD $path HTTP/1.0rn"); fputs($fp, "Host: $hostrn"); fputs($fp, "Authorization: Basic " . base64_encode("$username:$password") . "rnrn"); list(,$response) = explode(" ", fgets($fp, 1024)); fclose($fp); if ($response == 401) { // Unauthorized } JW |
neeper wrote:
A: Because questions are followed by answers
Q: Why shouldn't I top post?
A: Because questions are followed by answers
Q: Why shouldn't I top post?
| QUOTE |
| is $response contents of the page, what if the page has a custom error message with an image without '401' in html. Will the 401 still be caught as a server error message response? |
What you are trying test is HTTP Basic Authentication, which means that
a 401 header is sent to the browser when the credentials are not
supplied or incorrect.
In all other cases, you will get a 200, 301, 302 etcetera as the
response code.
JW
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.