For admin , i repair a fault , all is good now
Sorry for my english
It's a piece of code , to give a piece of reflexion about simple auth , we can also cryp login and pass in db , time is here for non-replay , the code isn't finish , but it work , only for reflexion about auth mechanism
<?php
function ky( $txt,$crypt) { $key = md5($crypt); $cpt = 0; $var = "";
for ( $Ctr = 0; $Ctr < strlen($txt); $Ctr++) { if ($cpt == strlen($crypt)) $cpt = 0;
$var.= substr($txt,$Ctr,1) ^ substr($crypt,$cpt,1); $cpt++; } return $var; }
$key = "";$list = 'abcdefghijklmnopqrstuvwxyz0123456789';
for($i = 0; $i< 200; $i++) { $key .= $list{mt_rand() % strlen($list)}; }
function cryp($txt,$key){ srand((double)microtime()*735412); $crypt = crypt(rand(0,3895234));$cpt = 0;$var= "";
for ( $Ctr=0; $Ctr < strlen($txt); $Ctr++ ) { if ($cpt == strlen($crypt))$cpt = 0;
$var.= substr($crypt,$cpt,1).( substr($txt,$Ctr,1) ^ substr($crypt,$cpt,1) ); $cpt++; } return base64_encode(ky($var,$key) ); }
function dcryp($txt,$key){ $txt=ky(base64_decode($txt),$key);$var= "";
for ( $Ctr = 0; $Ctr < strlen($txt); $Ctr++ ) { $md5 = substr($txt,$Ctr,1);$Ctr++; $var.= (substr($txt,$Ctr,1) ^ $md5); }return $var;}
$time= time(); $user = cryp('bubu',$key); $pwd = cryp('bubu-'.$time.'',$key);
function pwd($j,$key){ $x = dcryp($j,$key); $x = explode('-',$x); return $x[0];}
function pwd2($j,$key){ $x = dcryp($j,$key); $x = explode('-',$x); return $x[1];}
function auth(){$realm="Authentification PHPindex";
Header("WWW-Authenticate: Basic realm='".$realm."'");Header("HTTP/1.0 401 Unauthorized");
echo "Vous ne pouvez accéder à cette page"; }
if( !isset($_SERVER['PHP_AUTH_USER']) && !isset($_SERVER['PHP_AUTH_PW']) ) {auth();
} else {
if( $_SERVER['PHP_AUTH_USER'] == dcryp($user,$key) && $_SERVER['PHP_AUTH_PW'] == pwd($pwd,$key) && $time == pwd2($pwd,$key)) {
echo '';
} else{ auth();}}
?>