-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 While this isn't a really a PHP problem, I figured I can't be the first person to ever have tried to solve this problem. Basically I have a web site with many kinds of content (static html, PHP, cgi's of various flavors, etc) and I'm looking to create a way to do user authentication and authorization against a DB for all this content. While there are various existing solutions to do this (like mod_auth_db), none of them seemed to fit my requirements: 1) Support *my* MySQL database schema 2) Light memory usage (ie, no modperl) 3) Support any kind of content (cgi, php, static html, etc) 4) Not require changes to existing content (ie, I don't want to do a require "security.php"; in all the php pages I want to secure). The closest I've come so far is using mod_layout to allow my custom PHP script to generate HTTP headers so that I can do the user authentication myself. This is actually working very well for most pages and is completely content agnostic since it's sourced via the Apache server, not the content. The problem with this is that mod_layout's LayoutHTTPHeader option seems to be eating any POST's that CGI's or PHP scripts use. The mod_layout list has been completely useless in trying to find the answer to this issue. So, does anyone have another viable solution to this problem? Are there any builtin PHP options to source a php script during the http header generation process for any content (not just other PHP scripts)? Are there any other modules other than mod_layout that can do this? I know I can do this with mod_perl, but it's a lot more memory intensive than PHP so I'd like to avoid it if possible. Thanks. - -- Aaron Turner <[EMAIL PROTECTED]|synfin.net|linuxkb.org> URI:www.synfin.net They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. -- Benjamin Franklin pub 1024D/F86EDAE6 Sig: 3167 CCD6 6081 0FFC B749 9A8F 8707 9817 F86E DAE6 All emails by me are PGP signed; a lack of a signature indicates a forgery. I have retired my PGP 2.6.2 key: FBE1 CEED 57E4 AB80 596E 60BF 451B 20E8 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: Public key at: http://www.synfin.net/aturner/pgpkey.asc iEYEARECAAYFAjp2CJUACgkQhweYF/hu2ubc2gCfWeJTNlVgKrv/CrOyHoqRzbaI XLkAn2LuiTg0lkYIyAdutAqXRyPnT8i4 =ytFC -----END PGP SIGNATURE----- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]