Closed Thread Icon

Topic awaiting preservation: auto Authorize (Page 1 of 1) Pages that link to <a href="https://ozoneasylum.com/backlink?for=11948" title="Pages that link to Topic awaiting preservation: auto Authorize (Page 1 of 1)" rel="nofollow" >Topic awaiting preservation: auto Authorize <span class="small">(Page 1 of 1)</span>\

 
lallous
Paranoid (IV) Inmate

From: Lebanon
Insane since: May 2001

posted posted 12-10-2001 15:53

Hi!

I got a page let's say: http://mysite.com/protected
Now If i want to access that page, the browser's authorization box pops up and asks for username and password.

How can i write a PHP script, that sents the authorization headers and then redirects to that page, so that there is no need for the user to know what were the login info and the no need to input anything in the box or even see it.

I have used my download manager, to learn how to get authorized pages:

quote:
<?
header('GET /protected HTTP/1.1');
header('Connection: close');
header('Host: www.mysite.com');
header('Accept: */*');
header('Pragma: no-cache');
header('Cache-Control: no-cache');
header('Referer: http://www.mysite.com/');
header('User-Agent: Mozilla/4.04 [en] (Win95; I ;Nav)');
header('Authorization: Basic cFaZdjFpeF6ZWJQejC-');
?>



hmm...that is very good code for reading or using direct socket functions....
But I don't want that...I just want the browser to bypass the dialog box if I somehow provide him user/pass from my script.

I assume, there should be something like:

quote:
<?
header("location: http://www.mysite.com/protected");
header('Authorization: Basic cFaZdjFpeF6ZWJQejC-');
?>



but that doesn't work...

Help is appreciated.

Pugzly
Paranoid (IV) Inmate

From: 127.0.0.1
Insane since: Apr 2000

posted posted 12-10-2001 18:37

I know that there is a way to enter a directory that's protected by .htaccess by supplying the credtials in the URL, but I'm sure you don't want that. That displays the credentials in plain text.

mr.maX
Maniac (V) Mad Scientist

From: Belgrade, Serbia
Insane since: Sep 2000

posted posted 12-10-2001 21:23

Currently, I don't have enough time to analyze all this, but I bet that you can find the answer on this page: http://www.php.net/manual/en/features.http-auth.php


lallous
Paranoid (IV) Inmate

From: Lebanon
Insane since: May 2001

posted posted 12-11-2001 04:35

mr.Max, no. Not that what i'm looking for.

Pugzly, perhaps, I can try that..can you show me?

Pugzly
Paranoid (IV) Inmate

From: 127.0.0.1
Insane since: Apr 2000

posted posted 12-11-2001 06:12

Oh sure, ask me to SHOW you.....ok, lemme see if I can find my original example.......

lallous
Paranoid (IV) Inmate

From: Lebanon
Insane since: May 2001

posted posted 12-11-2001 12:08

http://username assword@mysite.com/protectedfolder

I figured it out myself!

[edit] disabled simlies!

[This message has been edited by lallous (edited 12-11-2001).]

Pugzly
Paranoid (IV) Inmate

From: 127.0.0.1
Insane since: Apr 2000

posted posted 12-11-2001 13:54

Yeah, I've got a form that asks for user name and password, then just assembles the URL via JavaScript and does a window.location.

Problem is that the password is then part of the URL, and plainly visible.

« BackwardsOnwards »

Show Forum Drop Down Menu