Protected: 透過APACHE認證

APACHE有提供基本的使用者認證方式,這個範例展示了如何編輯認證檔案與驗證使用者的方式。

存取物件:
<?
/**
* Class for handling htaccess of Apache
* @author Sven Wagener <sven.wagener@intertribe.de>
* @copyright Intertribe - Internetservices Germany
* @include Funktion:_include_
*/

class htaccess{
var $fHtaccess=""; // path and filename for htaccess file
var $fHtgroup=""; // path and filename for htgroup file
var $fPasswd=""; // path and filename for passwd file

var $authType=”Basic”; // Default authentification type
var $authName=”Internal area”; // Default authentification name

/**
* Initialising class htaccess
*/
function htaccess(){
}

/**
* Sets the filename and path of .htaccess to work with
* @param string $filename the name of htaccess file
*/
function setFHtaccess($filename){
$this->fHtaccess=$filename;
}

/**
* Sets the filename and path of the htgroup file for the htaccess file
* @param string $filename the name of htgroup file
*/
function setFHtgroup($filename){
$this->fHtgroup=$filename;
}

/**
* Sets the filename and path of the password file for the htaccess file
* @param string $filename the name of htgroup file
*/
function setFPasswd($filename){
$this->fPasswd=$filename;
}

/**
* Adds a user to the password file
* @param string $username Username
* @param string $password Password for Username
* @param string $group Groupname for User (optional)
* @return boolean $created Returns true if user have been created otherwise false
*/
function addUser($username,$password,$group){
// checking if user already exists
$file=@fopen($this->fPasswd,”r”);
$isAlready=false;
while($line=@fgets($file,200)){
$lineArr=explode(“:”,$line);
if($username==$lineArr[0]){
$isAlready=true;
}
}

if($isAlready==false){
$file=fopen($this->fPasswd,”a”);
$password=crypt($password);
$newLine=$username.”:”.$password.”\n”;

fputs($file,$newLine);
fclose($file);
return true;
}else{
return false;
}
}

/**
* Adds a group to the htgroup file
* @param string $groupname Groupname
*/
function addGroup($groupname){
$file=fopen($this->fHtgroup,”a”);
fclose($file);
}

/**
* Deletes a user in the password file
* @param string $username Username to delete
* @return boolean $deleted Returns true if user have been deleted otherwise false
*/
function delUser($username){
// Reading names from file
$file=fopen($path.$this->fPasswd,”r”);
$i=0;
while($line=fgets($file,200)){
$lineArr=explode(“:”,$line);
if($username!=$lineArr[0]){
$newUserlist[$i][0]=$lineArr[0];
$newUserlist[$i][1]=$lineArr[1];
$i++;
}else{
$deleted=true;
}
}
fclose($file);

// Writing names back to file (without the user to delete)
$file=fopen($path.$this->fPasswd,”w”);
for($i=0;$i<count($newUserlist);$i++){
fputs($file,$newUserlist[$i][0].”:”.$newUserlist[$i][1].”\n”);
}
fclose($file);

if($deleted==true){
return true;
}else{
return false;
}
}

/**
* Returns an array of all users in a password file
* @return array $users All usernames of a password file in an array
* @see setFPasswd()
*/
function getUsers(){
}

/**
* Sets a password to the given username
* @param string $username The name of the User for changing password
* @param string $password New Password for the User
* @return boolean $isSet Returns true if password have been set
*/
function setPasswd($username,$new_password){
// Reading names from file
$newUserlist=””;

$file=fopen($this->fPasswd,”r”);
$x=0;
for($i=0;$line=fgets($file,200);$i++){
$lineArr=explode(“:”,$line);
if($username!=$lineArr[0] && $lineArr[0]!=”” && $lineArr[1]!=””){
$newUserlist[$i][0]=$lineArr[0];
$newUserlist[$i][1]=$lineArr[1];
$x++;
}else if($lineArr[0]!=”” && $lineArr[1]!=””){
$newUserlist[$i][0]=$lineArr[0];
$newUserlist[$i][1]=crypt($new_password).”\n”;
$isSet=true;
$x++;
}
}
fclose($file);

unlink($this->fPasswd);

/// Writing names back to file (with new password)
$file=fopen($this->fPasswd,”w”);
for($i=0;$i<count($newUserlist);$i++){
$content=$newUserlist[$i][0].”:”.$newUserlist[$i][1];
fputs($file,$content);
}
fclose($file);

if($isSet==true){
return true;
}else{
return false;
}
}

/**
* Sets the Authentification type for Login
* @param string $authtype Authentification type as string
*/
function setAuthType($authtype){
$this->authType=$authtype;
}

/**
* Sets the Authentification Name (Name of the login area)
* @param string $authname Name of the login area
*/
function setAuthName($authname){
$this->authName=$authname;
}

/**
* Writes the htaccess file to the given Directory and protects it
* @see setFhtaccess()
*/
function addLogin(){
$file=fopen($this->fHtaccess,”w+”);
fputs($file,”Order allow,deny\n”);
fputs($file,”Allow from all\n”);
fputs($file,”AuthType “.$this->authType.”\n”);
fputs($file,”AuthUserFile “.$this->fPasswd.”\n\n”);
fputs($file,”AuthName \””.$this->authName.”\”\n”);
fputs($file,”require valid-user\n”);
fclose($file);
}

/**
* Deletes the protection of the given directory
* @see setFhtaccess()
*/
function delLogin(){
unlink($this->fHtaccess);
}
}
?>

使用方式:

<?php
setFPasswd("/var/www/htpasswd");
// Setting up path of password file
$ht->setFHtaccess("/var/www/.htaccess");

// Adding user
$ht->addUser("username","0815");

// Changing password for User
$ht->setPasswd("username","newPassword");

// Deleting user
$ht->delUser("username");

// Setting authenification type
// If you don't set, the default type will be "Basic"
$ht->setAuthType("Basic");

// Setting authenification area name
// If you don't set, the default name will be "Internal Area"
$ht->setAuthName("My private Area");

//!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
// finally you have to process addLogin()
// to write out the .htaccess file
$ht->addLogin();

// To delete a Login use the delLogin function
$ht->delLogin();
?>

驗證方式:
<?php
function authenticate(){
header("WWW-Authenticate: Basic realm=\"Members\"");
header('HTTP/1.0 401 Unauthorized');
echo "Please enter a valid user name and password.";
exit;
}

for(; 1; authenticate()){
if (!isset($HTTP_SERVER_VARS['PHP_AUTH_USER'])) continue;
$user = $HTTP_SERVER_VARS['PHP_AUTH_USER'];
if(!($authUserLine =
array_shift(preg_grep("/$user:.*$/",
file("/home/kloss/html/test/.htpasswd"))))) continue;
preg_match("/$user:((..).*)$/", $authUserLine, $matches);
$authPW = $matches[1];
$salt = $matches[2];
$submittedPW = crypt($HTTP_SERVER_VARS['PHP_AUTH_PW'], $salt);
if($submittedPW != $authPW) continue;
break;
} ?>

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s