Look into the PHP_AUTH_USER variable. It is assigned through basic authentication.
Gary Every Sr. UNIX Administrator Ingram Entertainment (615) 287-4876 "Pay It Forward" mailto:[EMAIL PROTECTED] http://accessingram.com -----Original Message----- From: bmw [mailto:[EMAIL PROTECTED]] Sent: Tuesday, August 20, 2002 2:48 AM To: [EMAIL PROTECTED] Subject: [PHP-DB] securing directory tree and allowing PHP to work I am trying to find out how I can secure the directory tree of my PHP scripts from the HTTP server without preventing access to my PHP scripts once in session. Right now, if I type the URL of a subdirectory of my site, I get the index of all the files and directories. Ex: http://domaine/index.html has DB access user login and password for my session authentication to enter into my scripts and run the program. If I type http://domaine/subfolder/ I can see all the PHP code I want without logging into my site. How can I protect the server from doing this without busting access to my scripts through the login from the root level index.html? Apache/1.3.26 (Unix)/Linux mod_fastcgi/2.2.12 mod_perl/1.26 PHP 4.2.2 Robert --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.381 / Virus Database: 214 - Release Date: 02/08/2002 -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php