Location: PHPKode > scripts > HHSecureObject > hhsecureobject/include/hhsecureobject.class.php
<?php
/**
* HHSecureObject
*/
class hhsecureobject
{
	var $_accounts;
	var $_auth_title;
	var $_error;
	function hhsecureobject ()
	{
		global $hhsecureobject;
		if (!session_id()) session_start();
		$this->_accounts = $hhsecureobject['config']['accounts'];
		$this->_auth_title = $hhsecureobject['config']['auth'];
		$this->_error = $hhsecureobject['config']['error'];
	}
	function protect()
	{
		if (!isset ($_SESSION['username']) || $_SESSION['username'] == '')
		{
			if (!isset ($_SERVER['PHP_AUTH_USER']) || (isset ($_SESSION['reauth']) && $_SESSION['reauth'] == true))
			{
				$this->_show_form();
			}
			else
			{
				if ($this->_check_user ($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']))
				{
					$_SESSION['username'] = $_SERVER['PHP_AUTH_USER'];
				}
				else $this->_show_form();
			}
		}
	}
	function _check_user ($username, $password)
	{
		$key = array_search ($username, $this->_accounts['username']);
		if ($key)
		{
			if ($password == $this->_accounts['password'][$key]) return true;
			else return false;
		}
		else return false;
	}
	function _show_form ()
	{
		if (isset ($_SESSION['reauth'])) $_SESSION['reauth'] = false;
		Header ('WWW-Authenticate: Basic realm="'.$this->_auth_title.'"');
		Header ('HTTP/1.0 401 Unauthorized');
		print $this->_error;
		exit();
	}
	function logout ()
	{
		$_SESSION['username'] = '';
		$_SESSION['reauth'] = true;
		$_SERVER['PHP_AUTH_USER'] = '';
		$_SERVER['PHP_AUTH_PW'] = '';
	}
}
?>
Return current item: HHSecureObject