{"id":1235,"date":"2009-04-29T12:01:39","date_gmt":"2009-04-29T10:01:39","guid":{"rendered":"http:\/\/planetozh.com\/blog\/?p=1235"},"modified":"2009-04-29T12:01:39","modified_gmt":"2009-04-29T10:01:39","slug":"http-authentication-on-php-as-cgi-like-dreamhost","status":"publish","type":"post","link":"https:\/\/planetozh.com\/blog\/2009\/04\/http-authentication-on-php-as-cgi-like-dreamhost\/","title":{"rendered":"HTTP Authentication on PHP as CGI (like Dreamhost)"},"content":{"rendered":"

Using PHP's HTTP Authentication<\/a> is a simple way to protect scripts behind a login\/password prompt. There's one little problem: it's supposed to work only on PHP as an Apache module, not the CGI version. It took me a while, hair pulling and some googling to get a basic HTTP Auth system working on Dreamhost's PHP as CGI so for my own future reference, and for anyone that would find it useful, here's the trick.
\n<\/p>\n

First, you need a little .htaccess twist:<\/p>\n

\n\n\t\t
\n\n\t\t
\n\t\t\t\t\t\t< View plain text<\/span> ><\/a>\n\t\t\t\t\t<\/div>\n\n\t\t
code<\/div>\n\n\t\t\n\t\t
\n\n\t<\/div>\n\t\n\t
\n\t\t
  1. <IfModule mod_rewrite.c><\/div><\/li>\n
  2. RewriteEngine on<\/div><\/li>\n
  3. RewriteRule .* - [E=REMOTE_USER:%{HTTP:Authorization},L]<\/div><\/li>\n
  4. <\/IfModule><\/div><\/li>\n<\/ol>\t<\/div>\n\n<\/div>\n\n

    This will pass authorization tokens into an environment variable named REMOTE_USER.<\/p>\n

    Then, the PHP script:<\/p>\n

    \n\n\t\t
    \n\n\t\t
    \n\t\t\t\t\t\t< View plain text<\/span> ><\/a>\n\t\t\t\t\t<\/div>\n\n\t\t
    php<\/div>\n\n\t\t\n\t\t
    \n\n\t<\/div>\n\t\n\t
    \n\t\t
    1. <?php<\/span><\/div><\/li>\n
    2. \/\/ Split the user\/pass variable<\/span><\/div><\/li>\n
    3. list<\/span>(<\/span>$_SERVER<\/span>&<\/span>#91;'PHP_AUTH_USER'&#93;, $_SERVER&#91;'PHP_AUTH_PW'&#93;) =<\/span><\/div><\/li>\n
    4.     explode<\/span>(<\/span>':'<\/span> ,<\/span> base64_decode<\/span>(<\/span>substr<\/span>(<\/span>$_SERVER<\/span>&<\/span>#91;'REDIRECT_REMOTE_USER'&#93;, 6)));<\/span><\/div><\/li>\n
    5.  <\/div><\/li>\n
    6.  <\/div><\/li>\n
    7. \/\/ Open a user\/pass prompt if needed<\/span><\/div><\/li>\n
    8. if<\/span> (<\/span>!<\/span>$_SERVER<\/span>&<\/span>#91;'PHP_AUTH_USER'&#93;) {<\/span><\/div><\/li>\n
    9.     header<\/span>(<\/span>'WWW-Authenticate: Basic realm="My Realm"'<\/span>)<\/span>;<\/span><\/div><\/li>\n
    10.     header<\/span>(<\/span>'HTTP\/1.0 401 Unauthorized'<\/span>)<\/span>;<\/span><\/div><\/li>\n
    11.     echo<\/span> 'You cannot see this, sorry.'<\/span>;<\/span> \/\/ in case they hit "Cancel"<\/span><\/div><\/li>\n
    12.     exit<\/span>;<\/span><\/div><\/li>\n
    13.  <\/div><\/li>\n
    14. \/\/ or deal with the login\/password (like, check them, obviously)<\/span><\/div><\/li>\n
    15. }<\/span> else<\/span> {<\/span><\/div><\/li>\n
    16.     echo<\/span> "<p>Hello, <\/p>"<\/span>.<\/span>$_SERVER<\/span>[<\/span>'PHP_AUTH_USER'<\/span>]<\/span>;<\/span><\/div><\/li>\n
    17.     echo<\/span> "<p>You entered as your password: <\/p>"<\/span>.<\/span>$_SERVER<\/span>[<\/span>'PHP_AUTH_PW'<\/span>]<\/span>;<\/span><\/div><\/li>\n
    18. }<\/span><\/div><\/li>\n
    19. ?><\/span><\/div><\/li>\n<\/ol>\t<\/div>\n\n<\/div>\n\n

      This is labeled as "WORKSFORME" on Dreamhost's PHP as CGI (PHP Version 5.2.6, for the record).<\/p>\n","protected":false},"excerpt":{"rendered":"

      Using PHP's HTTP Authentication is a simple way to protect scripts behind a login\/password prompt. There's one little problem: it's supposed to work only on PHP as an Apache module, not the CGI version. It took me a while, hair pulling and some googling to get a basic HTTP Auth system working on Dreamhost's PHP as CGI so for my\u2026<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[21],"tags":[2,314,10],"class_list":["post-1235","post","type-post","status-publish","format-standard","hentry","category-published","tag-code","tag-dreamhost","tag-php"],"_links":{"self":[{"href":"https:\/\/planetozh.com\/blog\/wp-json\/wp\/v2\/posts\/1235","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/planetozh.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/planetozh.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/planetozh.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/planetozh.com\/blog\/wp-json\/wp\/v2\/comments?post=1235"}],"version-history":[{"count":0,"href":"https:\/\/planetozh.com\/blog\/wp-json\/wp\/v2\/posts\/1235\/revisions"}],"wp:attachment":[{"href":"https:\/\/planetozh.com\/blog\/wp-json\/wp\/v2\/media?parent=1235"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/planetozh.com\/blog\/wp-json\/wp\/v2\/categories?post=1235"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/planetozh.com\/blog\/wp-json\/wp\/v2\/tags?post=1235"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}