From HTML5 Builder
Jump to: navigation, search

The BasicAuthentication component provides authentication through HTTP.



Follow these steps to setup your BasicAuthentication component:

  1. Add an instance of the component to a webpage.
  2. Define the login data for a single user, give a value to the UserName and Password properties. You will need to do it differently for multiple users.
  3. From the OnBeforeShow event of the top-level container of your webpage, call the Execute method of your BasicAuthentication component: $this->BasicAuthentication->Execute();.

Now, whenever the page is rendered, the user will get a dialog window from the web browser asking for an username and password.

Multiple Users

If you need several combinations of username and password to access a page, you will need to use BasicAuthentication’s OnAuthenticate event. You can use that event to manually authenticate the user by checking the provided login data against your own list of username and password combinations, either hardcoded or retrieved from somewhere. You can for example check if provided login data is available on a database.

Warning: magic_quotes PHP setting does not affect the BasicAuthentication fields, so be careful.

This is a sample implementation of an event handler for the OnAuthenticate event to allow multiple users defined on a MySQL database:

function BasicAuthenticationAuthenticate($sender, $params)
  if (isset($params['username']))
    // Get provided values safely.
    $name = mysql_real_escape_string($params['username']);
    $password = mysql_real_escape_string($params['password']);

    // Get the actual password for the provided username, if any.
    $query = "SELECT pass FROM `userdata` WHERE `user` = '".$name."'";
    $result = mysql_query($query);

    // Check if provided password matches database’s.
    if($password === $row['pass'])
      return true;
    else // It does not match.
      return false;
  else // No username provided.
    return false;


PHP Functions


Invalidates the current session, so the user has to log in again.