Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


PHP - username/password script not working

Posted on 2012-09-04
Medium Priority
Last Modified: 2012-09-06
Just created a script that requires people to login to access a certain page. Here is the code:


$username = 'test';
$password = 'test';

	!isset($_SERVER['PHP_AUTH_USER']) || 
	!isset($_SERVER['PHP_AUTH_PW']) || 
	($_SERVER['PHP_AUTH_USER'] != $username) || 
	($_SERVER['PHP_AUTH_PW'] != $password)
	) {
	header('HTTP/1.1 401 Unauthorized');
	header('WWW-Authenticate: Basic realm="emailDB Authentication"');


Open in new window

This code is being included into another file with:

<?php require_once('dynamic/security.php') ?>

Open in new window

It is located at the very top of the file with no spaces.

When I attempt to login with the username and password ("test") at the prompt this script produces, the prompt appears again and denies me access to the page it protects.

What am I doing wrong?

P.S. it works on my localhost when viewing it in Firefox, but does not work on live websites.
Question by:ShootFromtheHip
  • 2
LVL 61

Accepted Solution

Julian Hansen earned 1400 total points
ID: 38364635
LVL 111

Assisted Solution

by:Ray Paseur
Ray Paseur earned 600 total points
ID: 38367564
You may find it easier to get this right if you use PHP client authentication.  Many web sites do it and they all follow the same design pattern.


Author Comment

ID: 38374024
Thanks to both - yes, both links help out a bunch. Turns out it was a setting on the server that was grumbling (SERVER API).

Ray, I take it that article was written pre-mysqli days. Great article, lucid and detailed.
LVL 111

Expert Comment

by:Ray Paseur
ID: 38374043
Yes, the article was written before PHP changed the recommendation from MySQL to MySQLi.  One of these days I will have to update the examples.  The principles are still valid.

Thanks for the points, ~Ray

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Originally, this post was published on Monitis Blog, you can check it here . In business circles, we sometimes hear that today is the “age of the customer.” And so it is. Thanks to the enormous advances over the past few years in consumer techno…
The title says it all. Writing any type of PHP Application or API code that provides high throughput, while under a heavy load, seems to be an arcane art form (Black Magic). This article aims to provide some general guidelines for producing this typ…
The viewer will learn the basics of jQuery, including how to invoke it on a web page. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery.: (CODE)
The is a quite short video tutorial. In this video, I'm going to show you how to create self-host WordPress blog with free hosting service.
Suggested Courses

572 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question