<?php
/**
the array may come from another script. it may secure contain secure password
no problem at all!!!!!!!
*/
session_start();
include_once 'http.auth.cls.php';
$httpauth=new HTTPBasicRealmAuth('constant type authentication year 2013');
?><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>HTTP Basic Realm Authentication Example Index</title>
</head>
<body>
<h1>HTTP Basic Realm Authentication</h1>
<p>This class will protect any PHP file against anonymous access & prompt
password through Basic Realm (http://tools.ietf.org/html/rfc2617)
challenge. Its handy class that can validate user from your existing
database, ftp server or any other media that is accessible through PHP.</p>
<p>Securing file or folder is a subject to lot of task like assigning user,
maintaining password, prompting for password, checking it from
stored location bla bla. Its not a problem for a big application
but if you think some file that is small module and need to use it
anywhere in the web?</p>
<p>Now what if a module didn't bother you by a form where a lot of graphics
will load all the time. Its just asking you user and password box like
into basic realm authoentication system of webserver? So, it will get rid
you from taking care of interface design!!! Yes this is class that support basic realm authantication mechanism that
will prompt user for their user name and password and this class manage
the rest in a smart way!</p>
<h3>This class can prevent session hijacking & session fixation.</h3>
<h2>Usage</h2>
<strong>You need to put the code at the very beginning of the file which you want to protect.</strong>
<pre><code>
session_start();
include_once 'http.auth.cls.php';
$httpauth=new HTTPBasicRealmAuth('constant type authentication year 2013', 'demo', 'demo');
/* rest of your file here */
</code></pre>
<h2>Example Index</h2>
<ul>
<li><strong><a href="constant.http.auth.eg.php">Constant</a>:</strong> You may want to embede your user information into a script and check if the user put valid information.</li>
<li><strong><a href="array.http.auth.eg.php">Array</a>:</strong> May be you have an array contain user information. You may pass this array into the class to validate user. <em>ARRAY FORMAT - array('username'=>'password').</em> Please see the coding for secure password option.</li>
<li><strong><a href="function.http.auth.eg.php">Function</a>:</strong> You may validate user by your own custom function. The class will pass user name as first parameter and password as second parameter.</li>
<li><strong><a href="customclass.http.auth.eg.php">Custom Class</a>:</strong> You may use your own class to verify user. You need to create that class instance and method name which will verify your user and password. The method will call by two parameter, one is user name at first parameter and another one is password at second parameter. Please see coding of this example to get more option like secure password passing mechanism.</li>
<li><strong><a href="db.basic.realm.auth.cls.php">Database</a>:</strong> You may want to use custom database class to verify your user from database. This example will show how to do it...</li>
<li><strong><a href="pop.and.basic.realm.auth.cls.php">POP3</a>:</strong> You may want to give permission to such user who has a POP3 account into your server. This example do such things. It will connect a POP3 server with supplied username and password. If connection established than user is permitted to access your secure file...</li>
<li><strong><a href="ftp.basic.realm.auth.cls.php">FTP</a>:</strong> You may want to give permission to such user who has FTP account into your server. You can do it easily with this class...</li>
</ul>
<h4>Basically this class support verify method by user defined class. So, here is the possiblity open for any kind of verification. You need to create a class of your own to verify through any media and link your created class with this class to process...</h4>
<?php
if($httpauth->isSignedIn()) echo '<h4 style="color: #0000ff;">User signed in through constant method! <a href="'.$httpauth->getSignOutURL().'">Signout from "'.$httpauth->getSignedUserName().'"</a></h4>';
?>
</body>
</html>
|