1. 首頁
  2. 問答
  3. PHP基本身份驗證在xampp中不起作用

PHP基本身份驗證在xampp中不起作用

2016-10-27 59 views
0

我正在使用PHP Basic Authorization,但它不起作用。如預期的用戶名和密碼彈出,但它可以讓即使我插錯用戶名和密碼我訪問頁面PHP基本身份驗證在xampp中不起作用

public function __construct() 
{ 
    parent::__construct(); 

    $this->load->library('session'); 
    if (!isset($_SERVER['PHP_AUTH_USER'])) 
    { 
     header("WWW-Authenticate: Basic realm=\"Admin Area\""); 
     header("HTTP/1.0 401 Unauthorized"); 
     print "Sorry - you need valid credentials to be granted access!\n"; 
     exit; 
    } else { 
     list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = explode(':' , base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6))); 
     if (!($_SERVER['PHP_AUTH_USER'] == 'admin') && ($_SERVER['PHP_AUTH_PW'] == 'admin')) { 
      header("WWW-Authenticate: Basic realm=\"Admin Area\""); 
      header("HTTP/1.0 401 Unauthorized"); 
      print "Sorry - you need valid credentials to be granted access!\n"; 
      exit; 
     } 
    } 

}

的.htaccess:

RewriteEngine on 

RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC] 
RewriteRule ^(.*)$ http://%1/$1 [R=301,L] 

RewriteCond $1 !^(index\.php|images|css|js|robots\.txt|favicon\.ico) 
RewriteCond %{REQUEST_FILENAME} !-f 
RewriteCond %{REQUEST_FILENAME} !-d 
RewriteRule ^(.*)$ ./index.php?/$1 [L,QSA] 

RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]

來源

2016-10-27 may

+0

用戶進入會話後,他/她輸入憑據? – Nurjan

+0

是@Nurzhan .. – may

+0

您的管理員帳戶必須擁有「admin」用於登錄和密碼嗎?如果(!(($ _ SERVER ['PHP_AUTH_USER'] =='admin')&&($ _SERVER ['PHP_AUTH_PW'] =='admin'))) – Fky

回答

0

缺少括號,如果你想「 admin「用於登錄和密碼,你應該這樣做:

if (!(($_SERVER['PHP_AUTH_USER'] == 'admin') && ($_SERVER['PHP_AUTH_PW'] == 'admin'))) {

來源

2016-10-27 07:22:02 Fky

相關問題

 相關問題