2 /* from http://www.rooftopsolutions.nl/blog/223 */
\r
4 $validUser = BASIC_AUTH_USER;
\r
5 $validPass = BASIC_AUTH_PW;
\r
7 $realm = 'input your speicial username and password here from your sitemaster';
\r
9 $digest = getDigest();
\r
10 if (is_null($digest)) requireLogin($realm,$nonce);
\r
11 $digestParts = digestParse($digest);
\r
12 $A1 = md5("{$validUser}:{$realm}:{$validPass}");
\r
13 $A2 = md5("{$_SERVER['REQUEST_METHOD']}:{$digestParts['uri']}");
\r
14 $validResponse = md5("{$A1}:{$digestParts['nonce']}:{$digestParts['nc']}:{$digestParts['cnonce']}:{$digestParts['qop']}:{$A2}");
\r
16 if ($digestParts['response']!=$validResponse) requireLogin($realm,$nonce);
\r
17 function getDigest() {
\r
18 if (isset($_SERVER['PHP_AUTH_DIGEST'])) {
\r
19 $digest = $_SERVER['PHP_AUTH_DIGEST'];
\r
20 } elseif (isset($_SERVER['HTTP_AUTHENTICATION'])) {
\r
21 if (strpos(strtolower($_SERVER['HTTP_AUTHENTICATION']),'digest')===0)
\r
22 $digest = substr($_SERVER['HTTP_AUTHORIZATION'], 7);
\r
27 function requireLogin($realm,$nonce) {
\r
28 header('WWW-Authenticate: Digest realm="' . $realm . '",qop="auth",nonce="' . $nonce . '",opaque="' . md5($realm) . '"');
\r
29 header('HTTP/1.0 401 Unauthorized');
\r
33 function digestParse($digest) {
\r
34 $needed_parts = array('nonce'=>1, 'nc'=>1, 'cnonce'=>1, 'qop'=>1, 'username'=>1, 'uri'=>1, 'response'=>1);
\r
36 preg_match_all('@(\w+)=(?:(?:")([^"]+)"|([^\s,$]+))@', $digest, $matches, PREG_SET_ORDER);
\r
37 foreach ($matches as $m) {
\r
38 $data[$m[1]] = $m[2] ? $m[2] : $m[3];
\r
39 unset($needed_parts[$m[1]]);
\r
41 return $needed_parts ? false : $data;
\r