Here's a final topic for this chapterdetermining whether the user has logged in. Most servers allow you to restrict access to sections of your web site by supporting usernames and passwords, which you add to configuration files in the server. When you try to access a restricted part of a web site, you'll get a dialog box that asks for your username and password, as shown in Figure 6-23. Figure 6-23. Entering username and password.PHP allows you to determine whether the user has been authorized by checking the "PHP_AUTH_USER" key in $_SERVER. Here's an exampleif $_SERVER['PHP_AUTH_USER'] has been set, we welcome the user by nameotherwise, we terminate the current script with the PHP exit function: <?php if (!isset($_SERVER['PHP_AUTH_USER'])) { header('WWW-Authenticate: Basic realm="workgroup"'); header('HTTP/1.0 401 Unauthorized'); echo 'Sorry, you are not authorized.'; exit; } else { echo "Welcome, {$_SERVER['PHP_AUTH_USER']}."; } ?> That completes our work with web applications for the moment. In the next chapter, we're going to add still more PHP power to our arsenal by doing some object-oriented programming and by working with files. |