<?php
require_once dirname(__FILE__) . "/../private/lib/utilities.php";
/*
Return OK if the id and password provided match.
Return 401 if the id and password provided do not match.
Return 401 & insecure if this page is being called from non-SSL.
*/
if (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off') {
if (isset($_SERVER['PHP_AUTH_USER'])) {
$id = $_SERVER['PHP_AUTH_USER'];
$password = md5($_SERVER['PHP_AUTH_PW']);
$mysqli = Database::connect();
if (Employer::simple_authenticate($mysqli, $id, $password)) {
header('HTTP/1.0 200 OK');
exit;
}
}
header('WWW-Authenticate: Basic realm="Yellow Elevator"');
header('HTTP/1.0 401 Unauthorized');
exit;
} else {
header('HTTP/1.0 401 Unauthorized');
echo 'insecure';
exit;
}
