Here is my question. It involves using PHP and apache's .htaccess files. What I basically want to know is, how do I redirect a bas user after a failed Authentication attempt.
Example: One PHP script checks to see if $PHP_AUTH_USER is set and if not calls header( sprintf("WWW-authenticate: basic realm=\"%s\"", $g_auth_realm )); header( "HTTP/1.0 401 Unauthorized" ); to get them to provide a username and password. Now, how to I check that against the .htaccess and .htpasswd files I have in a subdirectory below the script. The way I have it working now is that I check to see if $PHP_AUTH_USER is set, and if it is, I send them to the page that is a directory down behind the .htaccess file. Working that way, if they are an invalid user, they are prompted again, if they hit cancel, they get the 401 page. I want to give them a custom error message instead of the generic 401 page. Any ideas on how to avoid the 401 page? Thank you, Todd