管理员用户名/密码不工作的PHP [英] Admin username/password isn't working for PHP

查看:127
本文介绍了管理员用户名/密码不工作的PHP的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

所以我目前正在在PHP编程的课程,我终于得到了进入艺术验证和授权。

So I am currently taking a course in PHP Programming and I have finally gotten into the art of Authentication and Authorization.

因此​​,在本书中,我们开始通过限制授权访问所有在那里你可以更新和删除所有账户的页面。我们开始定义的常量:

So in the book, we started by restricting the page that grants access to all the accounts where you can update and delete all of them. We started by defining the constants:

define('VALID_USERNAME', '');
define('VALID_PASSWORD', '');

为了方便我自己,我只是把它们作为空字符串。

To make it easy on myself, I just put them as empty strings.

一切顺利,这要求用户名和密码,弹出的对话。
然而,当我把空字符串,对话框不断弹出,如果密码是错误的,或者它只是没有采取密码的。发生这种情况甚至当我定义与真正的字符串的用户名和密码。

Everything goes smoothly, the dialogue that asks for the username and password pop up. However, when I put the empty strings in, the dialogue box keeps popping up as if the password was wrong, or it just didn't take the password at all. This happens even when I define the username and password with real strings.

下面是我的code为该部分:

Here is my code for that portion:

if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW'])) {
    header('http/1.1 401 Unauthorized');
    header('WWW-Authenticate: Basic realm="Wonder Penguin"');
} else {
    if (($_SERVER['PHP_AUTH_USER'] != VALID_USERNAME) ||
        ($_SERVER['PHP_AUTH_PW'] != VALID_PASSWORD)) {
        header('http/1.1 401 Unauthorized');
        header('WWW-Authenticate: Basic realm="Wonder Penguin"');
    }
}

如果你想知道为什么我没有击中取消绕过认证和获得更新页使用exit()函数prevent人。我这样做,所以我的老师能级这个页面,我创建了最后一次转让。

If you're wondering why I didn't use the exit() function to prevent people from hitting cancel to bypass the authentication and getting to the update page. I did that so my teacher can grade this page that I created last assignment.

我如何已经厌倦了解决:

我测试,看看我用回声功能是否正确定义的有效用户名和密码。

I tested to see if I defined the valid usernames and passwords correctly by using the echo functions.

echo VALID_USERNAME;
echo VALID_PASSWORD;

和它弹出正是我将它定义为。所以理论上,我想我正确定义它。

And it pops up exactly what I defined it as. So in theory, I think I defined it correctly.

我试着写单引号,双引号,也没有引号定义功能。
这本书要我写这样的功能:

I tried to write the define function with single quotes, double quotes, and no quotes. The book wants me to write the function like this:

define(VALID_USERNAME, "admin");
define(VALID_PASSWORD, "password");

但是,这带来了,当我试图定义它们就在那里,我使用一个未定义的常量错误。

However, this brings up an error that I am using an undefined constant when I tried to define them right there.

的var_dump($ _ SERVER); 结果:

array(37) {

["REDIRECT_HANDLER"]=> string(23) "application/x-httpd-php"
["REDIRECT_STATUS"]=> string(3) "200"
["HTTP_HOST"]=> string(20) "patti-bee2.dcccd.edu"
["HTTP_CONNECTION"]=> string(10) "keep-alive"
["HTTP_ACCEPT"]=> string(74) "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"
["HTTP_USER_AGENT"]=> string(108) "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.57 Safari/537.36"
["HTTP_ACCEPT_ENCODING"]=> string(17) "gzip,deflate,sdch"
["HTTP_ACCEPT_LANGUAGE"]=> string(14) "en-US,en;q=0.8"
["HTTP_COOKIE"]=> string(217) "__qca=P0-630369357-1378011844686; __utma=198331962.264424896.1377179965.1382812794.1384740700.12; __utmc=198331962; __utmz=198331962.1381981575.8.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=(not%20provided)"
["PATH"]=> string(135) "C:\Program Files (x86)\PHP\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\php;"
["SystemRoot"]=> string(10) "C:\Windows"
["COMSPEC"]=> string(27) "C:\Windows\system32\cmd.exe"
["PATHEXT"]=> string(53) ".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC"
["WINDIR"]=> string(10) "C:\Windows"
["SERVER_SIGNATURE"]=> string(0) ""
["SERVER_SOFTWARE"]=> string(21) "Apache/2.2.22 (Win32)"
["SERVER_NAME"]=> string(20) "patti-bee2.dcccd.edu"
["SERVER_ADDR"]=> string(14) "144.162.99.193"
["SERVER_PORT"]=> string(2) "80"
["REMOTE_ADDR"]=> string(11) "99.7.247.36"
["DOCUMENT_ROOT"]=> string(66) "C:/Program Files (x86)/Apache Software Foundation/Apache2.2/htdocs"
["SERVER_ADMIN"]=> string(16) "pburks@dcccd.edu"
["SCRIPT_FILENAME"]=> string(106) "C:\Program Files (x86)\Apache Software Foundation\Apache2.2\htdocs\Coleman\Wonder Penguin\PHP\show_all.php"
["REMOTE_PORT"]=> string(5) "54619"
["REDIRECT_URL"]=> string(40) "/coleman/wonder penguin/php/show_all.php"
["GATEWAY_INTERFACE"]=> string(7) "CGI/1.1"
["SERVER_PROTOCOL"]=> string(8) "HTTP/1.1"
["REQUEST_METHOD"]=> string(3) "GET"
["QUERY_STRING"]=> string(0) ""
["REQUEST_URI"]=> string(42) "/coleman/wonder%20penguin/php/show_all.php"
["SCRIPT_NAME"]=> string(40) "/coleman/wonder penguin/php/show_all.php"
["ORIG_SCRIPT_FILENAME"]=> string(18) "C:/PHP/php-cgi.exe"
["ORIG_PATH_INFO"]=> string(40) "/coleman/wonder penguin/php/show_all.php"
["ORIG_PATH_TRANSLATED"]=> string(106) "C:\Program Files (x86)\Apache Software Foundation\Apache2.2\htdocs\Coleman\Wonder Penguin\PHP\show_all.php"
["ORIG_SCRIPT_NAME"]=> string(16) "/php/php-cgi.exe"
["PHP_SELF"]=> string(40) "/coleman/wonder penguin/php/show_all.php"
["REQUEST_TIME"]=> int(1385432192)
}

我在这点pretty多复制它直出的书。
我在做什么错了?

I have pretty much copied it straight out of the book at this point. What am I doing wrong?

如果你想尝试一下自己,这里是链接到我的网站

If you want to try it out for yourself, here is link to my site.

推荐答案

我知道我在清楚,但据我所知,问题的关键在于如何做使用基本身份验证,并在那里把解释的事情没有专家还是不错的基本身份验证的报头(对我来说,只是不把它冗余):

I know I'm no expert or good on explaining things clearly but as far as I know the problem lies on how do use the Basic Authentication and where to put the headers of Basic Authentication (For me just don't put it redundantly.):

下面是一个code可以帮助你使用基本身份验证玩法:

Here's a code that might help you play with Basic Authentication :

在含有凭证如usernam和密码。我不会建议使用定义()出于安全目的。

In containing credentials such as usernam and password. I wont suggest using define() for security purposes.

if(isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW']))
{
   $valid_user = 'admin';
   $valid_password = 'password';
   if($_SERVER['PHP_AUTH_USER'] == $valid_user && $_SERVER['PHP_AUTH_PW'] == $valid_password)
   {
      $response = array('Response'  => true,
                        'Message'   => 'Welcome! ' . $valid_user);

      $result = json_encode($response);
      echo $result;
   }
   else
   {
      $response = array('Response'  => false,
                        'Message'   => 'User and Password does not match!');

      $result = json_encode($response);
      echo $result;
      exit();
   }
}
else
{
   header('WWW-Authenticate: Basic realm="Wonder Penguin"');
   header('HTTP/1.0 401 Unauthorized');

   $response = array('Response' => false,
                     'Message'  => '401 Unauthorized!');

   $result = json_encode($response);
   echo $result;
   exit();
}

这一切都和享受学习!

这篇关于管理员用户名/密码不工作的PHP的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
PHP最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆