iiiypuk/file-directory-list
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Auth

Browse Source
This commit is contained in:
Marius
2021-08-11 18:04:25 +02:00
parent 6fa58f3765
commit f026df6997
2 changed files with 25 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
.htaccess Normal file
View File

@@ -0,0 +1,5 @@
# Deny access to .htaccess
<Files .htaccess>
Order allow,deny
Deny from all
</Files>

36
index.php
View File

@@ -42,7 +42,7 @@ $mode_register = false;
$color = "light"; $color = "light";
// ADD SPECIFIC FILES YOU WANT TO IGNORE HERE // ADD SPECIFIC FILES YOU WANT TO IGNORE HERE
$ignore_file_list = array( ".htaccess", "Thumbs.db", ".DS_Store" ); $ignore_file_list = array( ".htaccess", "Thumbs.db", ".DS_Store", "users.txt" );
// ADD SPECIFIC FILE EXTENSIONS YOU WANT TO IGNORE HERE, EXAMPLE: array('psd','jpg','jpeg') // ADD SPECIFIC FILE EXTENSIONS YOU WANT TO IGNORE HERE, EXAMPLE: array('psd','jpg','jpeg')
$ignore_ext_list = array( ); $ignore_ext_list = array( );
@@ -452,7 +452,7 @@ function build_blocks( $items, $folder )
// //
function register() { function register() {
$USERS = array('admin' => '140194'); $USERS = array('admin' => '140194');
header('Cache-Control: no-cache, must-revalidate, max-age=0'); header('Cache-Control: no-cache, must-revalidate, max-age=0');
$has_supplied_credentials = strlen($_SERVER['PHP_AUTH_USER']) > 3; $has_supplied_credentials = strlen($_SERVER['PHP_AUTH_USER']) > 3;
if ($has_supplied_credentials) { if ($has_supplied_credentials) {
@@ -470,29 +470,33 @@ function register() {
// //
function login() { function login() {
$USERS = array('admin' => '140194', 'tester' => 'zaubar'); $USERS = array('admin' => 'marius', 'tester' => 'laetitia');
$reg = file('users.txt');
for ($i = 0; $i < count($reg); ++$i) {
$user = explode(' ', $reg[$i])[0];
$pw = explode(' ', $reg[$i])[1];
$USERS[$user] = $pw;
}
if (!isset($_SERVER['PHP_AUTH_USER'])) { if (!isset($_SERVER['PHP_AUTH_USER'])) {
header('HTTP/1.1 401 Authorization Required'); header('HTTP/1.1 401 Authorization Required');
header('WWW-Authenticate: Basic realm="Access denied"'); header('WWW-Authenticate: Basic realm="Access denied"');
exit; exit;
} else { } else {
if (isset($USERS[$_SERVER['PHP_AUTH_USER']])) { if (isset($USERS[$_SERVER['PHP_AUTH_USER']])) {
$pw = $USERS[$_SERVER['PHP_AUTH_USER']]; $pw = $USERS[$_SERVER['PHP_AUTH_USER']];
if ($pw == $_SERVER['PHP_AUTH_PW']) { if ($pw == $_SERVER['PHP_AUTH_PW']) {
date_default_timezone_set('Europe/Berlin'); date_default_timezone_set('Europe/Berlin');
$txt = Date('Y-m-d\TH:i',time()) . ' ' . $USERS[$_SERVER['PHP_AUTH_USER']]; $txt = Date('Y-m-d\TH:i',time()) . ' ' . $USERS[$_SERVER['PHP_AUTH_USER']];
file_put_contents('logins.txt', $txt.PHP_EOL , FILE_APPEND | LOCK_EX); file_put_contents('logins.txt', $txt.PHP_EOL , FILE_APPEND | LOCK_EX);
} else {
echo 'Check your pw ' . $_SERVER['PHP_AUTH_PW'] . ' ' . $pw;
exit;
}
} else { } else {
header('HTTP/1.1 401 Authorization Required'); echo 'User not found ' . $_SERVER['PHP_AUTH_USER'];
header('WWW-Authenticate: Basic realm="Access denied"');
exit; exit;
} }
} else {
header('HTTP/1.1 401 Authorization Required');
header('WWW-Authenticate: Basic realm="Access denied"');
exit;
} }
}
} }