0

I need a simple login authentication for my beta site. This is what I found and I put it in my index.php (Joomla 2.5):

<?
//-- login
if ($_SERVER["PHP_AUTH_USER"] != "USERNAME" || $_SERVER["PHP_AUTH_PW"] != "PASSWORD")
{

    header("WWW-Authenticate: Basic realm=\"Enter username and password to proceed\"");  
    header("HTTP/1.0 401 Unauthorized");

    echo "<h1>Authentication failed</h1>";
}    
else
{
    echo "<h1>Authentication succeeded</h1>";
}
?>

The php login "pop-up" is showing perfect but when I click "cancel login" my website will be loaded anyway.

How can I prevent loading my website?

Improve this question

1 Answer 1

Reset to default
2

You should have a die(); after the echo "<h1>Authentication failed</h1>"; to stop any more of the code being processed.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

the || is just fine because he is checking if the username/password != the strings. meaning that if either one doesn't match, "authentication failed". using && would mean they both need to not match to fail.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.