Commit | Line | Data |
---|---|---|
cd757b9e JC |
1 | <?php |
2 | ||
3 | require_once 'db.php'; | |
4 | ||
5 | function check_auth() { | |
6 | if (!isset($_SERVER['PHP_AUTH_USER'])) { | |
7 | header('WWW-Authenticate: Basic realm="My Realm"'); | |
8 | header('HTTP/1.0 401 Unauthorized'); | |
9 | die("You hit cancel"); | |
10 | } | |
11 | $db = get_db(); | |
12 | $authStmt = $db->prepare('select count(*) as count, username from users where username = :username AND password = :password;'); | |
13 | $authStmt->bindValue(':username', $_SERVER['PHP_AUTH_USER']); | |
14 | $authStmt->bindValue(':password', $_SERVER['PHP_AUTH_PW']); | |
15 | $result = $authStmt->execute(); | |
16 | if ($result->fetchArray()[0] != 1) { | |
17 | unauthorized_die(); | |
18 | } | |
19 | return $_SERVER['PHP_AUTH_USER']; | |
20 | } | |
21 | ||
22 | function unauthorized_die() { | |
23 | header('Location: unauthorized.php'); | |
24 | die('Unauthorized'); | |
25 | } | |
26 |