<?php
function authenticate() {
header('WWW-Authenticate: Basic realm="Test Authentication System"');
header('HTTP/1.0 401 Unauthorized');
echo "You must enter a valid login ID and password to access this resource
";
exit;
}
if (!isset($_SERVER['PHP_AUTH_USER']) ||
($_POST['SeenBefore'] == 1 && $_POST['OldAuth'] == $_SERVER['PHP_AUTH_USER'])) {
authenticate();
} else {
echo "<p>Welcome: " . htmlspecialchars($_SERVER['PHP_AUTH_USER']) . "<br />";
echo "Old: " . htmlspecialchars($_REQUEST['OldAuth']);
echo "<form action='' method='post'>
";
echo "<input type='hidden' name='SeenBefore' value='1' />
";
echo "<input type='hidden' name='OldAuth' value="" . htmlspecialchars($_SERVER['PHP_AUTH_USER']) . "" />
";
echo "<input type='submit' value='Re Authenticate' />
";
echo "</form></p>
";
}
?>