neeper
Jun 14 2005, 06:55 AM
I'm redirecting users to a url in the format of:
http://name:[Email Removed]members.mysite.com uses htaccess for authentication.
I want to test the login url with the specific user's username and
password before I redirect them there. I've tried fopen and seem to
get different results. Is there any other way possible? maybe curl?
Please help. TIA
Janwillem Borleffs
Jun 14 2005, 08:04 PM
neeper wrote:
QUOTE |
I'm redirecting users to a url in the format of:
http://name:[Email Removed]
members.mysite.com uses htaccess for authentication.
I want to test the login url with the specific user's username and password before I redirect them there. I've tried fopen and seem to get different results. Is there any other way possible? maybe curl?
|
Then you would need to test $_SERVER['PHP_AUTH_USER'] and
$_SERVER['PHP_AUTH_PW'] to verify the credentials.
When your goal is just to open the URL with the credentials, you should use
fsockopen to open the connections and send something like the following to
logon:
fputs($fp, "Authorization: Basic " . base64_encode("username:password") .
"rn");
Be aware that the latest service packs on Windows cause errors when using
this type of URL's in IE.
JW
neeper
Jun 15 2005, 04:27 AM
How do I test the remote site if the login works before presenting it
to the user?
On Tue, 14 Jun 2005 23:04:09 +0200, "Janwillem Borleffs"
<[Email Removed]> wrote:
QUOTE |
neeper wrote: I'm redirecting users to a url in the format of:
http://name:[Email Removed]
members.mysite.com uses htaccess for authentication.
I want to test the login url with the specific user's username and password before I redirect them there. I've tried fopen and seem to get different results. Is there any other way possible? maybe curl?
Then you would need to test $_SERVER['PHP_AUTH_USER'] and $_SERVER['PHP_AUTH_PW'] to verify the credentials.
When your goal is just to open the URL with the credentials, you should use fsockopen to open the connections and send something like the following to logon:
fputs($fp, "Authorization: Basic " . base64_encode("username:password") . "rn");
Be aware that the latest service packs on Windows cause errors when using this type of URL's in IE.
JW
|
Janwillem Borleffs
Jun 15 2005, 03:46 PM
neeper wrote:
Please don't TOP Post!
QUOTE |
How do I test the remote site if the login works before presenting it to the user?
|
Quite elementary, Mr. Watson:
$username = 'username';
$password = 'password';
$host = 'host';
$path = '/';
$fp = fsockopen($host, 80);
fputs($fp, "HEAD $path HTTP/1.0rn");
fputs($fp, "Host: $hostrn");
fputs($fp, "Authorization: Basic " .
base64_encode("$username:$password") .
"rnrn");
list(,$response) = explode(" ", fgets($fp, 1024));
fclose($fp);
if ($response == 401) {
// Unauthorized
}
JW
neeper
Jun 15 2005, 06:33 PM
is $response contents of the page, what if the page has a custom error
message with an image without '401' in html. Will the 401 still be
caught as a server error message response?
On Wed, 15 Jun 2005 18:46:06 +0200, Janwillem Borleffs
<[Email Removed]> wrote:
QUOTE |
neeper wrote:
Please don't TOP Post!
How do I test the remote site if the login works before presenting it to the user?
Quite elementary, Mr. Watson:
$username = 'username'; $password = 'password'; $host = 'host'; $path = '/';
$fp = fsockopen($host, 80); fputs($fp, "HEAD $path HTTP/1.0rn"); fputs($fp, "Host: $hostrn"); fputs($fp, "Authorization: Basic " . base64_encode("$username:$password") . "rnrn");
list(,$response) = explode(" ", fgets($fp, 1024)); fclose($fp);
if ($response == 401) { // Unauthorized }
JW
|
Janwillem Borleffs
Jun 16 2005, 08:44 AM
neeper wrote:
A: Because questions are followed by answers
Q: Why shouldn't I top post?
QUOTE |
is $response contents of the page, what if the page has a custom error message with an image without '401' in html. Will the 401 still be caught as a server error message response?
|
What you are trying test is HTTP Basic Authentication, which means that
a 401 header is sent to the browser when the credentials are not
supplied or incorrect.
In all other cases, you will get a 200, 301, 302 etcetera as the
response code.
JW
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please
click here.