?? auth.zhtml
字號:
<!-- This file shows how to use the ZHTML authorization features (i.e., the
auth() statement). See the tags in the <FORM> ... </FORM> section. -->
<HTML>
<HEAD>
<TITLE>Authentication and Authorization</TITLE>
</HEAD>
<BODY>
<H1>Authentication and Authorization</H1>
The first form below is separate from the second form. That is, if you submit
the second form (clicking the second submit button), then only the variable on
that form is sent. The purpose of the second form is to demonstrate what
happens when a user attempts to update a read-only variable.
<P>
Note that to change user logins, you will likely need to exit your web browser,
restart it, and go back to the protected web page. This is usually the only
way to make your browser forget your user credentials.
<P>
<A HREF="/index.zhtml">Load the no-authentication page</A>
<BR>
<A HREF="/basic/index.zhtml">Load the basic authentication page</A>
<BR>
<A HREF="/digest/index.zhtml">Load the digest authentication page</A>
<H2>Main form</H2>
<FORM ACTION="index.zhtml" METHOD="POST">
<TABLE>
<!-- The following row in the table is for the foo_ro variable. Any attempt
to update it will result in a "not authorized" message. Note, however, that
it is not possible to update the variable from this form. See the bottom
of the page for a separate form that will allow you to attempt updating the
variable. -->
<TR>
<TD>foo_ro
</TD>
<TD>
<?z echo($foo_ro) ?>
</TD>
</TR>
<!-- The following row in the table is for the foo_rw variable. All users
are authorized to update it. -->
<TR>
<TD>foo_rw
<?z if (error($foo_rw)) { ?>
(ERROR!)
<?z } ?>
</TD>
<TD>
<INPUT TYPE="text" NAME="foo_rw" SIZE=5 VALUE="<?z echo($foo_rw) ?>">
</TD>
</TR>
<!-- The following row in the table is for the foo_basic_ro variable. Only
users that have authorized via the Basic method of HTTP authentication
are allowed to access this variable. The guest user is not allowed
access to this variable. The "user" user is not allowed to update this
variable. -->
<TR>
<TD>foo_basic_ro
<?z if (error($foo_basic_ro)) { ?>
(ERROR!)
<?z } ?>
</TD>
<TD>
<!-- It is possible to check if the user is authorized for this variable and to
display appropriate HTML. The auth() statement, when used within an if
conditional, allows this to happen. -->
<?z if (auth($foo_basic_ro, "rw")) { ?>
<INPUT TYPE="text" NAME="foo_basic_ro" SIZE=5
VALUE="<?z echo($foo_basic_ro) ?>">
<?z } ?>
<!-- It is also possible to check the inverse condition--is the user not
authorized? -->
<?z if (!auth($foo_basic_ro, "rw")) { ?>
<?z if (auth($foo_basic_ro, "ro")) { ?>
<!-- Displays the value without allowing the user to modify it. -->
<?z echo($foo_basic_ro) ?>
<?z } ?>
<?z } ?>
<!-- Check if the user is not even authorized to view the variable. -->
<?z if (!auth($foo_basic_ro, "ro")) { ?>
Not authorized!
<?z } ?>
</TD>
</TR>
<!-- The following row in the table is for the foo_basic_rw variable. It
works much like the above variable, except that the "user" user is allowed
to update it. -->
<TR>
<TD>foo_basic_rw
<?z if (error($foo_basic_rw)) { ?>
(ERROR!)
<?z } ?>
</TD>
<TD>
<?z if (auth($foo_basic_rw, "rw")) { ?>
<INPUT TYPE="text" NAME="foo_basic_rw" SIZE=5
VALUE="<?z echo($foo_basic_rw) ?>">
<?z } ?>
<?z if (!auth($foo_basic_rw, "rw")) { ?>
<?z if (auth($foo_basic_rw, "ro")) { ?>
<?z echo($foo_basic_rw) ?>
<?z } ?>
<?z } ?>
<?z if (!auth($foo_basic_rw, "ro")) { ?>
Not authorized!
<?z } ?>
</TD>
</TR>
<!-- The following two rows are similar to the previous two rows, except that
they only allow updates via digest authentication. -->
<TR>
<TD>foo_digest_ro
<?z if (error($foo_digest_ro)) { ?>
(ERROR!)
<?z } ?>
</TD>
<TD>
<?z if (auth($foo_digest_ro, "rw")) { ?>
<INPUT TYPE="text" NAME="foo_digest_ro" SIZE=5
VALUE="<?z echo($foo_digest_ro) ?>">
<?z } ?>
<?z if (!auth($foo_digest_ro, "rw")) { ?>
<?z if (auth($foo_digest_ro, "ro")) { ?>
<?z echo($foo_digest_ro) ?>
<?z } ?>
<?z } ?>
<?z if (!auth($foo_digest_ro, "ro")) { ?>
Not authorized!
<?z } ?>
</TD>
</TR>
<TR>
<TD>foo_digest_rw
<?z if (error($foo_digest_rw)) { ?>
(ERROR!)
<?z } ?>
</TD>
<TD>
<?z if (auth($foo_digest_rw, "rw")) { ?>
<INPUT TYPE="text" NAME="foo_digest_rw" SIZE=5
VALUE="<?z echo($foo_digest_rw) ?>">
<?z } ?>
<?z if (!auth($foo_digest_rw, "rw")) { ?>
<?z if (auth($foo_digest_rw, "ro")) { ?>
<?z echo($foo_digest_rw) ?>
<?z } ?>
<?z } ?>
<?z if (!auth($foo_digest_rw, "ro")) { ?>
Not authorized!
<?z } ?>
</TD>
</TR>
<!-- The following two rows are similar to the previous two rows, except that
they allow updates via both basic and digest authentication. -->
<TR>
<TD>foo_basic_digest_ro
<?z if (error($foo_basic_digest_ro)) { ?>
(ERROR!)
<?z } ?>
</TD>
<TD>
<?z if (auth($foo_basic_digest_ro, "rw")) { ?>
<INPUT TYPE="text" NAME="foo_basic_digest_ro" SIZE=5
VALUE="<?z echo($foo_basic_digest_ro) ?>">
<?z } ?>
<?z if (!auth($foo_basic_digest_ro, "rw")) { ?>
<?z if (auth($foo_basic_digest_ro, "ro")) { ?>
<?z echo($foo_basic_digest_ro) ?>
<?z } ?>
<?z } ?>
<?z if (!auth($foo_basic_digest_ro, "ro")) { ?>
Not authorized!
<?z } ?>
</TD>
</TR>
<TR>
<TD>foo_basic_digest_rw
<?z if (error($foo_basic_digest_rw)) { ?>
(ERROR!)
<?z } ?>
</TD>
<TD>
<?z if (auth($foo_basic_digest_rw, "rw")) { ?>
<INPUT TYPE="text" NAME="foo_basic_digest_rw" SIZE=5
VALUE="<?z echo($foo_basic_digest_rw) ?>">
<?z } ?>
<?z if (!auth($foo_basic_digest_rw, "rw")) { ?>
<?z if (auth($foo_basic_digest_rw, "ro")) { ?>
<?z echo($foo_basic_digest_rw) ?>
<?z } ?>
<?z } ?>
<?z if (!auth($foo_basic_digest_rw, "ro")) { ?>
Not authorized!
<?z } ?>
</TD>
</TR>
</TABLE>
<P>
<INPUT TYPE="submit" VALUE="Submit">
<INPUT TYPE="reset" VALUE="Reset">
</FORM>
<!-- This second form allows the user to attempt to submit a read-only variable.
This results in a denial of access. -->
<H2>Second Form</H2>
<FORM ACTION="index.zhtml" METHOD="POST">
<TABLE>
<TR>
<TD>foo_ro</TD>
<TD><INPUT TYPE="text" NAME="foo_ro" SIZE=5 VALUE="<?z echo($foo_ro) ?>"></TD>
</TR>
</TABLE>
<P>
<INPUT TYPE="submit" VALUE="Submit">
<INPUT TYPE="reset" VALUE="Reset">
</FORM>
</BODY>
</HTML>
?? 快捷鍵說明
復制代碼
Ctrl + C
搜索代碼
Ctrl + F
全屏模式
F11
切換主題
Ctrl + Shift + D
顯示快捷鍵
?
增大字號
Ctrl + =
減小字號
Ctrl + -