php基于文件的登录验证,代码如下:
<?php
/**
* 基于文件的登录
* edit by www.jb200.com
*/
$authorized = FALSE;
if (isset($_SERVER['PHP_AUTH_USER']) &&
isset($_SERVER['PHP_AUTH_PW'])) {
$authFile = file("./password.txt"); // 密码文件
foreach ($authFile as $login) {
list($username, $password) = explode(":", $login);
$password = trim($password);
if (($username == $_SERVER['PHP_AUTH_USER']) &&
($password == md5($_SERVER['PHP_AUTH_PW']))) {
$authorized = TRUE;
break;
}
}
}
// 验证失败则显示提示框或401错误
if (! $authorized) {
header('WWW-Authenticate: Basic Realm="Secret
Stash"');
header('HTTP/1.0 401 Unauthorized');
print('您必须提供正确的凭证!');
exit;
}
?>
<!-- password.txt
joe:60d99e58d66a5e0f4f89ec3ddd1d9a80
-->