You might consider converting users.pass to one of the various DB formats so that you can do a direct lookup on $user.
And, move the check for !isset($PHP_AUTH_USER) outside of the while loop. If that condition is going to be true, there's no reason to even bother opening the file. On Fri, 21 Dec 2001, jtjohnston wrote: > Can it be improved upon? > Suggestions welcome, > John > > <?php > > $fp = fopen ("./users.pass", "r"); > > while (!feof ($fp)) { > $line = fgets($fp, 4096); > list($user,$password) = explode(":", $line); > $password = chop($password); > > if(!isset($PHP_AUTH_USER)) > { > authenticate(); > } > elseif(($PHP_AUTH_USER != $user) || ($PHP_AUTH_PW != $password)) > { > authenticate(); > }else{ > echo "<p>Welcome: $PHP_AUTH_USER</p>"; > echo "<p>Password: $PHP_AUTH_PW</p>"; > exit; > } > } > fclose($fp); > > function authenticate() { > global $PHP_AUTH_USER, $PHP_AUTH_PW; > header( "WWW-Authenticate: Basic realm=\"Students\""); > header( "HTTP/1.0 401 Unauthorized"); > echo "$PHP_AUTH_USER, you must enter a valid login ID and password to > access this resource. \"$PHP_AUTH_PW\" is not a valid password!\n"; > exit; > } > > ?> > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > To contact the list administrators, e-mail: [EMAIL PROTECTED] > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]