Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Help the idiot part 2 (please!)


Guest

Recommended Posts

I;ve installed a contrib for admin password.

 

The following code is giving me grief.. ;(

/ Save the following PHP codes as authen.php in /admin/includes/authen.php
<?php

if(!isset($PHP_AUTH_USER)) 
{	header('WWW-Authenticate: Basic realm="' . TITLE . '"');
header('HTTP/1.0 401 Unauthorized');
echo $SERVER_NAME . ' Authorization Required.';
exit;
} 
else
{	if (($PHP_AUTH_USER != ADMIN_USERNAME) || ($PHP_AUTH_PW != ADMIN_PASSWORD)) 
{	header('WWW-Authenticate: Basic realm="' . TITLE. '"');
 header('HTTP/1.0 401 Unauthorized');
 echo $SERVER_NAME . ' Authorization Required.';
 exit;
}
}

?>

Its just a direct cut and paste of the full code which is

 

Quick Setup of Admin Authentication.

// Open /admin/includes/application_top.php add the following code in
// include authentication user/password of administration
 require(DIR_WS_INCLUDES . 'authen.php');

// Open /admin/includes/configure.php and add the following code in
// define admin user/password
 define('ADMIN_USERNAME', 'admin');
 define('ADMIN_PASSWORD', 'mypasword');


// Save the following PHP codes as authen.php in /admin/includes/authen.php
<?php

if(!isset($PHP_AUTH_USER)) 
{	header('WWW-Authenticate: Basic realm="' . TITLE . '"');
header('HTTP/1.0 401 Unauthorized');
echo $SERVER_NAME . ' Authorization Required.';
exit;
} 
else
{	if (($PHP_AUTH_USER != ADMIN_USERNAME) || ($PHP_AUTH_PW != ADMIN_PASSWORD)) 
{	header('WWW-Authenticate: Basic realm="' . TITLE. '"');
 header('HTTP/1.0 401 Unauthorized');
 echo $SERVER_NAME . ' Authorization Required.';
 exit;
}
}

?>

Link to comment
Share on other sites

I'm trying to implement this script as well. However, I'm on Windows XP Home and I am without the password-protected sharing features of XP pro. Another problem with the Windows file system is that it will not allow you to create a nameless file (i.e., extension only: .htaccess, .htpasswd).

 

When I use the admin_authen contribution, I get the login prompt but the user name/password combination that I specified in the admin/configure.php always fails. Even with no password (blank), I get the message "Authorization Required". I have nailed down that it is the first if statement that the script is hung on by adding a digit in the error message string.

 

if(!isset($PHP_AUTH_USER))

{ header('WWW-Authenticate: Basic realm="' . TITLE . '"');

header('HTTP/1.0 401 Unauthorized');

echo $SERVER_NAME . ' Authorization Required1.';

exit;

}

 

What is $PHP_AUTH_USER? A pre-defined PHP global? Unless someone can offer advice, I'll be looking into other 2.2 contributions.

Link to comment
Share on other sites

  • 3 months later...

You are publishing your store on a Windows XP Home? Hard to believe.

 

If you are doing this locale, just for testing purposes, you may leave admin unprotected. When you eventually go live, you can protect it.

 

Files like .htaccess don't work on windows, and its not because the extension problem. (and yes, you can have extensionless files in Windows).

 

If you are really publishing your store live on a Windows XP Home, require from your hosting this passwors protection features you said.

If at first you don't succeed, you must be a programmer.

 

Tip Posted: Languageless Reviews

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...