View Full Version : w2box and admin pass not working, .htaccess?

03-01-2008, 10:27 PM
I know nothing much about PHP, I am using this script http://labs.beffa.org/w2box/ its a basic uploader/ file archiver thingy. I want to make it so that only admin can upload. Which it tells you how to do, just setting the boolean variables to true. But the system comes with a .htaccess file, and the host i am on does not support them, but the docs with the code said you should just delete it.

The main authorization code is

function authorize($silent=false){
global $config, $lang, $auth;
if (!$auth){
if ((empty($_SERVER['PHP_AUTH_USER']) or empty($_SERVER['PHP_AUTH_PW'])) and isset($_REQUEST['BAD_HOSTING']) and preg_match('/Basic\s+(.*)$/i', $_REQUEST['BAD_HOSTING'], $matc))
list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = explode(':', base64_decode($matc[1]));

if ((isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) &&
($_SERVER['PHP_AUTH_USER'] == $config['admin_username'] && $_SERVER['PHP_AUTH_PW']==$config['admin_password'])) {
$auth = true; // user is authenticated
} else {
if (!$silent) {
header( 'WWW-Authenticate: Basic realm="w2box admin"' );
header( 'HTTP/1.0 401 Unauthorized' );
echo 'Your are not allowed to access this function!';


I was just going to remove all the BAD_HOST stuff but I broke it. Any help on how I can fix this or find a code which does the same functionality?

My test version of the code is here: http://kandkcc.awardspace.com/4/

Oh thanks in advance to anybody who takes the time to help!