This is a quick and cool php tip im gonna show you.
We will make an login page just like htpasswd but using php.
Why is this good?!
Well often hackers when hacking a server try to read .htpasswd files but without knowing that isn't there will make them search for a while, or even not find it :)
Live preview:
Open a php file you want to protect or just create a new one xD
<?php
$config['admin_username'] = "username"; // your username
$config['admin_passowrd'] = "password"; // your password
if(!isset($_SERVER['PHP_AUTH_USER'])){
header("WWW-Authenticate: Basic realm=\"Login\"");
header("HTTP/1.0 401 Unathorized");
die("No login passed lol");
}
else{
if(!($_SERVER['PHP_AUTH_USER'] == $config['admin_username'] && $_SERVER['PHP_AUTH_PW'] == $config['admin_passowrd'])){
header("WWW-Authenticate: Basic realm=\"Login\"");
header("HTTP/1.0 401 Unathorized");
die("What happens when you press cancel :P ");
}
}
?>
Thats it, dont forget to share xD
Thank you man! didn't know that! very useful!
ReplyDeleteyeah, it's really amazing tip :)
ReplyDeletereally useful.. thanks
ReplyDeleteexcept for the typo $config['admin_passowrd']
ReplyDelete