我想用htaccess以及htpasswd的文件和PHP的服务器端code创建一个登录系统，但是当我在用户登录希望能够识别用户，所以我怎么能知道用户输入在为自己的用户名使用PHP code（我想我不需要知道密码，如果他们已经成功地访问受限页）？

I want to create a log in system using htaccess and htpasswd file and PHP for the server-side code, but when the user logs in I want to be able to identify that user, so how can I know what the user typed in as their username using PHP code (I assume I won't need to know the password if they've managed to access the restricted page)?

非常感谢， 本

推荐答案

您只需要下面来获取用户名是当前用于身份验证的会话：

You just need the following to get the username that is currently in use for an authenticated session:

$_SERVER['PHP_AUTH_USER']

REV1

鉴于@奔的评论我现在已经找到了PHP文档中的部分在与 HTTP认证PHP 解释这是怎么回事：

rev1

In light of @Ben's comment I've now found the section in the PHP documentation at HTTP authentication with PHP that explains what's going on:

对于PHP 4.3.0，以prevent   有人写一个脚本   揭示的密码的页面   通过了身份验证   传统的外部机制，   PHP_AUTH变量将不会被如果设置   启用了外部认证   特定页面和安全模式   启用。无论如何， REMOTE_USER 即可   被用于识别   外部认证的用户。那么你   可以使用 _ SERVER ['REMOTE_USER'] 。

As of PHP 4.3.0, in order to prevent someone from writing a script which reveals the password for a page that was authenticated through a traditional external mechanism, the PHP_AUTH variables will not be set if external authentication is enabled for that particular page and safe mode is enabled. Regardless, REMOTE_USER can be used to identify the externally-authenticated user. So, you can use _SERVER['REMOTE_USER'].