Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Paul James' Blog:
HTTP Authentication with HTML Forms
Jun 20, 2006 @ 06:02:45

In this new tutorial on Paul James' blog, they spotlight a method for authentication on your site using the traditional HTTP authentication method, but with the customizable frontend of an HTML form.

The main reason people walk away from using HTTP authentication is that they want control over the look of the login form and most browsers display an awful looking dialog box. So what we need is a way for HTML forms to pass HTTP auth data when it's submitted. The HTML spec provides HTML forms as a way to create queries and to POST urlencoded data to a URL, but can we subvert it?

They show that, with the help of some simple Javascript, it can be accomplished. They give the code example to make it all work, including a bit of PHP code to validate the inputted data against two predefined constants. They also include another method, using HTTP Digest, to authenticate without the need to send the login information out to the server plain-text.

tagged: http authentication custom method javascript digest http authentication custom method javascript digest

Link: