PHP and SQLite: How to handle cross-domain requests and authentication
Introduction:
In modern web development, many applications need to communicate with different domains and need to authenticate users . This article will introduce how to use PHP and SQLite to handle cross-domain requests and authentication issues.
1. Cross-domain request
Cross-domain request means that the client sends a request to a server with a different domain name through AJAX or other methods. By default, browsers disable cross-domain requests because this may cause security issues. However, we can allow specific cross-origin requests through server-side settings.
The following is a sample code that demonstrates how to enable cross-origin requests:
header("Access-Control-Allow-Origin: http://example. com"); // Allow cross-domain requests for http://example.com
header("Access-Control-Allow-Methods: GET, POST, OPTIONS"); // Allowed request methods
header ("Access-Control-Allow-Headers: Content-Type, Authorization"); // Allowed request headers
// Code for processing cross-domain requests
?>
In the above code, we use the header function to set the Access-Control-Allow-Origin header to allow cross-domain requests for http://example.com. We also set the allowed request methods and request headers through the header function.
2. Authentication
In many applications, users need to be authenticated to access specific functions or resources. Using PHP and SQLite we can easily handle user authentication.
The following is a sample code that demonstrates how to protect resources through authentication:
$username = $_SERVER['PHP_AUTH_USER'];
$ password = $_SERVER['PHP_AUTH_PW'];
// Connect to SQLite database
$db = new SQLite3('database.db');
// Query user table
$query = "SELECT * FROM users WHERE username = '$username' AND password = '$password'";
$result = $db->query($query);
// Check if there is a matching user
if ($result->fetchArray()) {
// 用户验证通过 echo "Access granted!";
} else {
// 用户验证失败
header("WWW-Authenticate: Basic realm='Restricted Area'");
header("HTTP/1.0 401 Unauthorized");
echo "Access denied!";}
?>
In the above code, we first obtain the client's username and password. We then connect to the SQLite database and query the users table to check if the username and password match.
If there is a matching user, we can allow the user to access the resource. Otherwise, we send the HTTP 401 Unauthorized status code and WWW-Authenticate header through the header function to prompt the user for authentication.
Summary:
This article introduces how to use PHP and SQLite to handle cross-domain requests and authentication issues. We used sample code to explain how to enable cross-domain requests and authenticate users. I hope these examples can help you deal with cross-domain requests and authentication issues in real projects.
The above is the detailed content of PHP and SQLite: How to handle cross-domain requests and authentication. For more information, please follow other related articles on the PHP Chinese website!
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
