[PHP] Re: Can it be improved upon?

[Philip Hallstrom]

You might consider converting users.pass to one of the various DB formats
so that you can do a direct lookup on $user.

And, move the check for !isset($PHP_AUTH_USER) outside of the while loop.
If that condition is going to be true, there's no reason to even bother
opening the file.

On Fri, 21 Dec 2001, jtjohnston wrote:

> Can it be improved upon?
> Suggestions welcome,
> John
>
> <?php
>
> $fp = fopen ("./users.pass", "r");
>
> while (!feof ($fp)) {
>  $line = fgets($fp, 4096);
>  list($user,$password) = explode(":", $line);
>  $password = chop($password);
>
>   if(!isset($PHP_AUTH_USER))
>    {
>    authenticate();
>    }
>   elseif(($PHP_AUTH_USER != $user) || ($PHP_AUTH_PW != $password))
>    {
>    authenticate();
>   }else{
>    echo "<p>Welcome:  $PHP_AUTH_USER</p>";
>    echo "<p>Password: $PHP_AUTH_PW</p>";
>    exit;
>   }
> }
> fclose($fp);
>
> function authenticate() {
>  global $PHP_AUTH_USER, $PHP_AUTH_PW;
>    header( "WWW-Authenticate: Basic realm=\"Students\"");
>    header( "HTTP/1.0 401 Unauthorized");
>    echo "$PHP_AUTH_USER, you must enter a valid login ID and password to
> access this resource. \"$PHP_AUTH_PW\" is not a valid password!\n";
>    exit;
>  }
>
> ?>
>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]
>


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]