How do I send authentication data?

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
I wish to create a login page that prompts the user for a user name
and password, then uses these credentials to redirect the user to a
"protected" site.  I presume I need to send some sort of header.  Here
is my attempt so far (which doesn't work):

if ( isset( $_GET[ 'action' ]) && 'auth' == $_GET[ 'action' ] )
    $hdr = base64_encode( "${_POST[ 'username' ]}:${_POST
[ 'password' ]}" );
    header( "Authorization: Basic $hdr" );
    header( 'Location: ' );  // "/office"
requires authentication

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
" ">
<title>Foobar inc Home Page</title>
<form method="post" action="letters.php?action=auth">
Username:<input type="text" name="username">
Password:<input type="password" name="password">
<input type="submit" value="Log in">

Re: How do I send authentication data?

On Tue, 12 May 2009 17:07:12 -0700 (PDT), Robert S

Quoted text here. Click to load it

the headers don't get replicated. Basically you tell with the location
header to the user's browser to go to another website; but whatever
headers you sent back, will not be sent to the second website.

Besides the fact it does not work, please be careful when putting the
user and hte password in a simple field, be it in the http header etc,
as it is a very sure security breach...


Re: How do I send authentication data?

Sounds like it can't be done then.  Maybe I'll do everything in a
single script in a directory and put the password into the code.

Site Timeline