为什么当我在 PHP 中使用 HTTP 身份验证时,只有按“取消”才会关闭?
在 PHP 中,我尝试创建一个基本的 HTTP 身份验证登录(弹出的登录)。据我了解,这是通过标头完成的,这是我的标头:
header("WWW-Authenticate: Basic realm='Secure Area'");
之后,我检查输入的用户名或密码是否不正确,如果是,我执行一个或另一个函数:
if ($_SERVER["PHP_AUTH_USER"] != $username || $_SERVER["PHP_AUTH_PW"] != $password)
{
quit();
}
else
{
main();
}
但是,当我测试我的代码时,然后我输入正确的用户名和密码,然后按“登录”,登录弹出框再次打开,第二次打开后,我可以按“取消”,它会将我带到主函数的结果,但如果我只要继续按“登录”,它就会不断弹出。
除此之外,它工作正常。如果我在没有正确输入用户名或密码的情况下按“取消”,它将退出。然而,我需要解决这个看似“无休止的登录”的问题。
我该如何修复它?
In PHP I'm trying to create a basic HTTP authentication login (the one that pops up). Its my understanding this is done through a header, and this is my header:
header("WWW-Authenticate: Basic realm='Secure Area'");
After that, I check to see if the input username or password is incorrect, and if it is I execute one function or another:
if ($_SERVER["PHP_AUTH_USER"] != $username || $_SERVER["PHP_AUTH_PW"] != $password)
{
quit();
}
else
{
main();
}
However, when I test my code, and I enter the correct username and password and press "Log In" the login popup box just opens again, after the second time opening, I can press "Cancel" and it takes me to the result of the main function, but if I just keep pressing "Log In" it just keeps popping up.
Other than that, it works normally. If I press "Cancel" without correctly entering the username or password first it will quit. However, I need to resolve the problem of this seemingly 'endless login'.
How can I fix it?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
我猜想即使在用户通过身份验证后您也会重新发送身份验证标头。将 header() 调用移至 if 块,而不是 quit()。
I guess you are resending the authenticate header even after the user is authenticated. Move the header() call into the if block, instead of quit().