基于数据库的身份验证
创建用户验证表
CREATE TABLE logins(
id INTEGER UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY,
username VARCHAR(255) NOT NULL,
pswd CHAR(32) NOT NULL
);
插入一个用户
INSERT into logins (username,pswd) VALUES('admin','21232f297a57a5a743894a0e4a801fc3')
simple_check.php
<?php
function authenticate_user(){ header('WWW-Authenticate:Basic realm="Secret Stash"'); header('HTTP/1.0 401 Unauthorized'); exit; } if(!isset($_SERVER['PHP_AUTH_USER'])){ authenticate_user(); } else{ $db = new mysqli("localhost","root","root","sql_practice"); $stmt = $db->prepare("Select username,pswd FROM logins WHERE username=? AND pswd=md5(?)"); $stmt->bind_param('ss',$_SERVER['PHP_AUTH_USER'],$_SERVER['PHP_AUTH_PW']); $stmt->execute(); $stmt->store_result(); if($stmt->num_rows == 0){ authenticate_user(); } else echo "Login Successfully"; }
?>