<?php include '../util.inc'; // Login credentials. define('USER', 'tom'); define('PASSWD', 'fred'); $logged_in = $_COOKIE['c2_logged_in']; // If we don't have cookie or a password, ask the browser to ask for a // password. if(!$logged_in && !array_key_exists('PHP_AUTH_USER', $_SERVER)) { header("WWW-Authenticate: Basic realm=\"Test Realm\""); header("HTTP/1.0 401 Unauthorized"); whap('Password Needed', "What, you think you can get in here without a password?"); } // See if there's no cookie, but a passwd. if(!$logged_in && array_key_exists('PHP_AUTH_USER', $_SERVER)) { // Gave password, no cookie. Check user & password. if($_SERVER['PHP_AUTH_USER'] == USER && $_SERVER['PHP_AUTH_PW'] == PASSWD) // Good. Set the cookie for a week. setcookie('c2_logged_in', '1', time() + 7 * 24 * 60 * 60); else { header("WWW-Authenticate: Basic realm=\"Test Realm\""); header("HTTP/1.0 401 Unauthorized"); whap('Password Incorrect', "Sorry, your login is not valid."); } } start('Welcome!'); echo "Welcome valued customer!<p>There is nothing for you to do."; echo "<p>Go away."; ?> </body> </html>