Ok .. Upon success, read the current directory and create links to each
file on the fly "readdir()". That should even give the chance to customize
your directory listing ..!!
Baher
------------------
>From: Helmut Tessarek <[EMAIL PROTECTED]>
>To: [EMAIL PROTECTED]
>Subject: [PHP-DB] authentication in a browsing directory
>Date: Wed, 21 Feb 2001 23:11:13 +0100
>
>Hi,
>
>I've got some directories that should be accessed via the browser. This
>works fine.
>To secure a directory I always used the directives in the .htaccess
>file. This works aswell.
>Now I wrote a little PHP script that looks in a table of a database if
>the user is allowed to access the page or not.
>So far, so good.
>The problem is that (since index.php is automatically called regarding
>to the DirectoryIndex directive) the directory
>is never listed.
>I'm pretty sure that there is a way how to manage this, but
>unfortunately I don't get it.
>Is there a header request that lists the directory without looking for
>the index.html and index.php?
>
>Below is the code of my index.php (DirectoryIndex index.html index.php):
>
><?
>function authenticate() {
> $realm = "Test Realm";
> Header("WWW-authenticate: basic realm=\"$realm\"");
> Header("HTTP/1.0 401 Unauthorized");
> // Header("status: 401 Unauthorized"); // This had to be used for
>earlier Apache versions
> ?>
> You need a valid user id.
> <?
> exit;
>}
>
>if( !isset( $PHP_AUTH_USER )) {
> authenticate();
>} else {
> $conn = odbc_connect("db", "user", "pwd");
> if (!$conn){
> ?>
> <H2>Error connecting to database!</H2>
> <?
> } else {
> $id = strtolower( $PHP_AUTH_USER );
> $query = "select * from table where id='$id' and
>pwd='$PHP_AUTH_PW'";
> $res = odbc_exec( $conn, $query );
>
> if( !odbc_num_rows( $res ))
> authenticate();
>
> }
>}
>
>echo "Success"; // Here should be a statement that would list the
>directory as it would be shown without the index.php file
>
>?>
>
>--
>
>--- Helmut <NoCarrier> Tessarek --- [EMAIL PROTECTED] ---
>
> IBM Certified Solution Expert
> Microsoft Certified Systems Engineer (MCP, MCP+I, MCSE)
> Karmarschgasse 53/1/3/11, A-1100 Vienna, Austria
>
>----------------- http://www.evermeet.cx -----------------
>
>
>
>--
>PHP Database Mailing List (http://www.php.net/)
>To unsubscribe, e-mail: [EMAIL PROTECTED]
>For additional commands, e-mail: [EMAIL PROTECTED]
>To contact the list administrators, e-mail: [EMAIL PROTECTED]
>
_________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
