There is a way to supposedly do this by authenticating a username and
password through php first through such methods as database lookups and
then passing the username and password through $PHP_AUTH_USER and
$PHP_AUTH_PW using the header() command to point to the URL of the
.htaccess protected directory but I have never gotten it to work myself.
if ($pass = $pass) {
header("Location:$PHP_AUTH_USER:$PHP_AUTH_PW@http://www.someprotectedsite.com";);
}
My command above my be wrong. I haven't tried it for a while. I know you
can do such a thing on the Address bar of any browser and pass it that way
though.
Ed
On Mon, 3 Feb 2003, Chris Winters wrote:
> Chris,
>
> Exactly. I am relying on the webserver to provide the restrictions.
>
> Now my next question:
> what functions should I utilize or come close to to do it? There isnt any
> PHP pages directed towards teh directory itself. Its is just a hard link to
> the protected areas. Are there any functions that support it?
>
> Im googling now ;)
>
> Thanks for your answers in advanced and previously.
> Chris
>
> "Chris Shiflett" <[EMAIL PROTECTED]> wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > --- Chris Winters <[EMAIL PROTECTED]> wrote:
> > > So, if one was to protect a directory or folder, a
> > > regular dialog will appear for username and passcode
> > > prompt within the web browser. I was researching some
> > > variables that I came across which is called
> > > $PHP_AUTH_USER, $PHP_AUTH_PW, and $PHP_AUTH_TYPE.
> >
> > Yes, these variables deal with HTTP basic authentication.
> >
> > > I would like to by pass that by a user entering the
> > > username and passcode via HTML, instead of the dialog
> > > showing.
> >
> > In that case, you will want to do exactly as you say,
> > collect the username and password via an HTML form and
> > authenticate the credentials with PHP. It sounds like you
> > are currently relying on your Web server to provide the
> > access restrictions.
> >
> > So, you can either:
> >
> > 1. Keep HTTP basic authentication enabled in the Web server
> > for these directories and live with the behavior.
> > 2. Turn off HTTP basic authentication in the Web server and
> > write a login page in PHP. It is then up to you to control
> > access to whatever resources you want to protect, so this
> > will require a bit of work on your part.
> >
> > Hope that helps.
> >
> > Chris
>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
