agwells/test-php-basic-auth.php

## test-php-basic-auth.php
<?php
function require_auth() {
	$AUTH_USER = 'admin';
	$AUTH_PASS = 'admin';
	header('Cache-Control: no-cache, must-revalidate, max-age=0');
	$has_supplied_credentials = !(empty($_SERVER['PHP_AUTH_USER']) && empty($_SERVER['PHP_AUTH_PW']));
	$is_not_authenticated = (
		!$has_supplied_credentials ||
		$_SERVER['PHP_AUTH_USER'] != $AUTH_USER ||
		$_SERVER['PHP_AUTH_PW']   != $AUTH_PASS
	);
	if ($is_not_authenticated) {
		header('HTTP/1.1 401 Authorization Required');
		header('WWW-Authenticate: Basic realm="Access denied"');
		exit;
	}
}

if (array_key_exists('logout', $_REQUEST)) {
   header('HTTP/1.1 401 Authorization Required');
   header('WWW-Authenticate: Basic realm="Access denied"');
   exit();
}
require_auth();

?><p>You're in!</p>
<p><a href="?logout=401">Log out via 401</a></p>
<p><a href="//nosuchuser@<?php echo $_SERVER['HTTP_HOST']; echo $_SERVER['REQUEST_URI']; ?>">Log out via username in URL</a></p>
	<?php
	function require_auth() {
	$AUTH_USER = 'admin';
	$AUTH_PASS = 'admin';
	header('Cache-Control: no-cache, must-revalidate, max-age=0');
	$has_supplied_credentials = !(empty($_SERVER['PHP_AUTH_USER']) && empty($_SERVER['PHP_AUTH_PW']));
	$is_not_authenticated = (
	!$has_supplied_credentials \|\|
	$_SERVER['PHP_AUTH_USER'] != $AUTH_USER \|\|
	$_SERVER['PHP_AUTH_PW'] != $AUTH_PASS
	);
	if ($is_not_authenticated) {
	header('HTTP/1.1 401 Authorization Required');
	header('WWW-Authenticate: Basic realm="Access denied"');
	exit;
	}
	}

	if (array_key_exists('logout', $_REQUEST)) {
	header('HTTP/1.1 401 Authorization Required');
	header('WWW-Authenticate: Basic realm="Access denied"');
	exit();
	}
	require_auth();

	?><p>You're in!</p>
	<p><a href="?logout=401">Log out via 401</a></p>
	<p><a href="//nosuchuser@<?php echo $_SERVER['HTTP_HOST']; echo $_SERVER['REQUEST_URI']; ?>">Log out via username in URL</a></p>