Auth

.htaccess

@@ -0,0 +1,5 @@
+# Deny access to .htaccess
+<Files .htaccess>
+Order allow,deny
+Deny from all
+</Files>

index.php

@@ -42,7 +42,7 @@ $mode_register = false;
 $color  = "light";
 
 // ADD SPECIFIC FILES YOU WANT TO IGNORE HERE
-$ignore_file_list = array( ".htaccess", "Thumbs.db", ".DS_Store" );
+$ignore_file_list = array( ".htaccess", "Thumbs.db", ".DS_Store", "users.txt" );
 
 // ADD SPECIFIC FILE EXTENSIONS YOU WANT TO IGNORE HERE, EXAMPLE: array('psd','jpg','jpeg')
 $ignore_ext_list = array( );
@@ -470,7 +470,13 @@ function register() {
 
 //
 function login() {
-  $USERS = array('admin' => '140194', 'tester' => 'zaubar');
+    $USERS = array('admin' => 'marius', 'tester' => 'laetitia');
+    $reg = file('users.txt');
+    for ($i = 0; $i < count($reg); ++$i) {
+        $user = explode(' ', $reg[$i])[0];
+        $pw = explode(' ', $reg[$i])[1];
+        $USERS[$user] = $pw;
+    }
     if (!isset($_SERVER['PHP_AUTH_USER'])) {
         header('HTTP/1.1 401 Authorization Required');
         header('WWW-Authenticate: Basic realm="Access denied"');
@@ -483,13 +489,11 @@ function login() {
                 $txt = Date('Y-m-d\TH:i',time()) . ' ' . $USERS[$_SERVER['PHP_AUTH_USER']];
                 file_put_contents('logins.txt', $txt.PHP_EOL , FILE_APPEND | LOCK_EX);
             } else {
-            header('HTTP/1.1 401 Authorization Required');
+                echo 'Check your pw ' . $_SERVER['PHP_AUTH_PW'] . ' ' . $pw;
-            header('WWW-Authenticate: Basic realm="Access denied"');
                 exit;
             }
         } else {
-        header('HTTP/1.1 401 Authorization Required');
+            echo 'User not found ' . $_SERVER['PHP_AUTH_USER'];
-        header('WWW-Authenticate: Basic realm="Access denied"');
             exit;
         }
     }