Here is my question. It involves using PHP and apache's .htaccess files.
What I basically want to know is, how do I redirect a bas user after a
failed Authentication attempt.
Example:
One PHP script checks to see if $PHP_AUTH_USER is set and if not calls
header( sprintf("WWW-authenticate: basic realm=\"%s\"", $g_auth_realm ));
header( "HTTP/1.0 401 Unauthorized" );
to get them to provide a username and password. Now, how to I check that
against the .htaccess and .htpasswd files I have in a subdirectory below the
script.
The way I have it working now is that I check to see if $PHP_AUTH_USER is
set, and if it is, I send them to the page that is a directory down behind
the .htaccess file. Working that way, if they are an invalid user, they are
prompted again, if they hit cancel, they get the 401 page. I want to give
them a custom error message instead of the generic 401 page.
Any ideas on how to avoid the 401 page?
Thank you,
Todd
