if (!isset($_SERVER['PHP_AUTH_USER'])) {
header('WWW-Authenticate: Basic realm="CSE Backgound Enterance"');
header('HTTP/1.0 401 Unauthorized');
exit('Login failed, please restart your web browser to relogin.');
} else {
if ($_SERVER['PHP_AUTH_USER']!='root' || $_SERVER['PHP_AUTH_PW']!='123456') {
exit('Login failed, please restart your web browser to relogin.');
}
}
请问http头验证是否安全?
-
- 帖子: 438
- 注册时间: 2008-03-30 10:35
- yiller
- 帖子: 47
- 注册时间: 2007-09-28 2:33
- 来自: 重庆
-
- 帖子: 40
- 注册时间: 2007-05-20 19:26
-
- 帖子: 40
- 注册时间: 2007-05-20 19:26
想起来了,刚看了一篇包头欺骗的文章:http://www.astahost.com/info.php/hacker ... 13807.html