| Author |
Message |
Deseroka
Client
Joined: Apr 15, 2003
Posts: 466
Location: FL
|
 Posted:
Sat Sep 11, 2004 8:59 pm |
|
There is so much I watn to learn..... |
| |
|
|
|
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 17088
|
| Posted:
Sat Sep 11, 2004 9:03 pm |
|
|
|
|
|
GeekyGuy
Client
Joined: Jun 03, 2004
Posts: 302
Location: Huber Heights Ohio
|
| Posted:
Sat Sep 11, 2004 9:07 pm |
|
I am at the point that I can hack on someone elses code, but I don't think I could write anything major. What I've been messing with now was taking someone else code and adapting it to fit my purpose.
Now I have to find those snippets of code so I can finish this User Guide. I'm looking for volunteers to install it and check it for errors. |
_________________
"The Daytona 500 is ours! We won it, we won it, we won it!", Dale Earnhardt, February 15th, 1998, Daytona 500 |
|
  
  |
|
GeekyGuy
|
| Posted:
Sat Sep 11, 2004 9:09 pm |
|
You da man Raven, that's the snippet of code I was looking for. I wrote down the thread number, but threw the paper away  |
| |
|
|
|
|
Deseroka
|
| Posted:
Sat Sep 11, 2004 9:09 pm |
|
My heroes have always killed cowboys--
Ooops--
My heroes have always been coders.... |
| |
|
|
|
|
Raven
|
| Posted:
Wed Sep 15, 2004 6:41 am |
|
I came across this and I need those with CGI to test it. If this works then we have a MUCH simpler solution. Place this line of code in your .htaccess (temporarily replacing the code fix in the above thread)Code:RewriteRule .* - [E=REMOTE_USER:%{HTTP:Authorization},L]
|
Let me know just ASAP. Thanks! |
| |
|
|
|
|
kguske
Site Admin
Joined: Jun 04, 2004
Posts: 6437
|
| Posted:
Wed Sep 15, 2004 6:52 am |
|
Do you mean to replace
Code:<Files admin.php>
<Limit GET POST PUT>
require valid-user
</Limit>
AuthName "Restricted"
AuthType Basic
AuthUserFile REAL_PATH_TO_ID_PASS_FILE
</Files>
|
with:
Code:RewriteRule .* - [E=REMOTE_USER:%{HTTP:Authorization},L]
|
?
EDIT: When I tried that, NukeSentinel still reports that admin HTTP authentication is not available. |
Last edited by kguske on Wed Sep 15, 2004 7:06 am; edited 1 time in total |
|
|
|
|
Raven
|
| Posted:
Wed Sep 15, 2004 6:58 am |
|
Yes, although there will be more to it in NukeSentinel. Hold off and let me create a test script. I'll post back. |
| |
|
|
|
|
Raven
|
| Posted:
Wed Sep 15, 2004 7:41 am |
|
Okay. Save this code to testauth.php. Change the USERNAME and USERPASS to whatever you want to test with. Remove that other code so there is nothing to stop this.Code:<?
$username = 'USERNAME';
$userpass = 'USERPASS';
if (!($_SERVER['PHP_AUTH_USER']==$username && $_SERVER['PHP_AUTH_PW']==$userpass)) {
header("WWW-Authenticate: Basic realm=Restricted");
header("HTTP/1.0 401 Unauthorized");
die('Authorization is required for this function.');
}
?>
|
Assuming that did not work, add this line to your .htaccessCode:RewriteRule .* - [E=REMOTE_USER:%{HTTP:Authorization},L]
|
and try it again. If it does not prompt you then just restore this code to .htaccessCode:<Files admin.php>
<Limit GET POST PUT>
require valid-user
</Limit>
AuthName "Restricted"
AuthType Basic
AuthUserFile REAL_PATH_TO_ID_PASS_FILE
</Files>
|
Let me know. |
| |
|
|
|
|
kguske
|
| Posted:
Wed Sep 15, 2004 8:12 am |
|
The testauth.php prompted for user ID and password, both with and without the .htaccess. However, it did not accept the USERNAME and USERPASS. Does the userpass need to be encrypted? |
| |
|
|
|
|
Raven
|
| Posted:
Wed Sep 15, 2004 8:18 am |
|
Nope. The protocol encrypts it. Oh well, just thought I'd try what someone else recommended. Thanks for trying. |
| |
|
|
|
|
|
|
Thanks! You might want this thread 
![[Valid RSS]](https://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
