jamesp/ppr
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

first commit

Browse Source
This commit is contained in:
James Pattinson
2025-02-11 16:14:49 +00:00
commit af0b1de88c
12 changed files with 1002 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

74
functions.php Normal file
View File

@@ -0,0 +1,74 @@
<?php
// Database connection details
$host = 'sasaprod.pattinson.org'; // Replace with your database host (usually 'localhost')
$username = 'ppruser'; // Replace with your database username
$password = 'iJ8kN*5[g6P3jaqN'; // Replace with your database password
$database = 'pprdevdb'; // Replace with your database name
function connectDb() {
// Create connection
$conn = new mysqli( $GLOBALS['host'], $GLOBALS['username'], $GLOBALS['password'], $GLOBALS['database']);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
return $conn;
}
function require_db_auth() {
if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW'])) {
send_auth_headers();
}
$user = $_SERVER['PHP_AUTH_USER'];
$pass = $_SERVER['PHP_AUTH_PW'];
$conn = connectDb();
$stmt = $conn->prepare("SELECT password FROM users WHERE username = ?");
$stmt->bind_param("s", $user);
$stmt->execute();
$stmt->store_result();
$stmt->bind_result($stored_hash);
$stmt->fetch();
// Verify the password
if ($stmt->num_rows == 0 || !password_verify($pass, $stored_hash)) {
send_auth_headers();
}
// Close the connection
$stmt->close();
$conn->close();
}
function send_auth_headers() {
header('WWW-Authenticate: Basic realm="Restricted Area"');
header('HTTP/1.0 401 Unauthorized');
die("Authentication required.");
}
function require_auth() {
$AUTH_USER = 'admin';
$AUTH_PASS = 'admin';
header('Cache-Control: no-cache, must-revalidate, max-age=0');
$has_supplied_credentials = !(empty($_SERVER['PHP_AUTH_USER']) && empty($_SERVER['PHP_AUTH_PW']));
$is_not_authenticated = (
!$has_supplied_credentials ||
$_SERVER['PHP_AUTH_USER'] != $AUTH_USER ||
$_SERVER['PHP_AUTH_PW'] != $AUTH_PASS
);
if ($is_not_authenticated) {
header('HTTP/1.1 401 Authorization Required');
header('WWW-Authenticate: Basic realm="PPR"');
echo 'Text to send if user hits Cancel button';
exit;
}
}