Verzeichnisschutz durch .htaccess-Datei
Verzeichnisschutz mit PHP erstellen
- .htaccess
AuthType Basic
AuthName "Streng geheimer Bereich"
AuthUserFile E:\xampp\htdocs\dev\pwd.txt
Require valid-user
- AuthUserFile.php
<?php
class AuthUserFile
{
private $filename;
private $lines = array();
private $write = false;
public function __construct( $filename )
{
if( !empty( $filename ) )
{
$this->filename = $filename;
if( file_exists( $filename ) )
{
$this->lines = file( $filename );
}
}
else
{
throw new Exception( "filename is empty" );
}
}
public function addUser( $username, $password )
{
if( !empty( $username ) )
{
if( $this->getIndex( $username ) == -1 )
{
$line[0] = $username;
$line[1] = password_hash( $password, PASSWORD_BCRYPT );
$nl = chr(13) . chr(10); // new line
$this->lines[] = implode( ":", $line ) . $nl;
$this->write = true;
return true;
}
else
{
return false;
}
}
else
{
return false;
}
}
public function delUser($username ) {
$index = $this->getIndex( $username ); // get index from username
if( $index > -1 ) { // found username
unset( $this->lines[$index] ); // delete entry from array
$this->write = true;
return true;
}
else
return false;
}
public function __destruct() {
if( $this->write ) {
if( count( $this->lines ) > 0 ) {
$fp = fopen( $this->filename, "w" );
foreach( $this->lines as $line )
fputs( $fp, $line );
fclose( $fp );
}
}
}
private function getIndex( $username ) {
if( count( $this->lines ) > 0 ) {
foreach( $this->lines as $index=>$line ) {
$data = explode( ":", $line );
if( $data[0] == $username )
return $index;
}
}
return -1; // username not found
}
}
Anwendungsbeispiel:
$htaccess = new AuthUserFile( "E:\\xampp\\htdocs\\dev\\pwd.txt" );
$htaccess->addUser( "Jens", "PasswortVonJens" );
$htaccess->addUser( "Hubert", "PasswortVonHubert" );
$htaccess->addUser( "Franzi", "PasswortVonFranz" );
$htaccess->delUser( "Hubert" );
Auf eine Datei hinter .htaccess Verzeichnisschutz zugreifen
$url = 'https://wissensarchiv.org/geheimes-verzeichnis/';
$username = 'test';
$password = 'test';
$splitUrl = explode( '//', $url );
$realUrl = sprintf( '%s//%s:%s@%s', $splitUrl[0], $username, $password, $splitUrl[1] );
$content = file_get_contents( $realUrl );
echo $content;