Hi, When using .htaccess files the request does not reach your scripts untill Apache has done his authentication. So, I suggest you take out the .htaccess part for authentication and deal with it only from PHP; for instance with sessions: 1. Ask for user/pass on first page and authnticate against DB 2. If ok, put it in the $_SESSION 3. When in the user dir, check his session and if he/she is not authenticated make authentication with PHP (your code below)
Hope this helps, Catalin "Michael HüBner" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Hallo, > > Hope somebody can help me. > > I'm working on Linux, Apache. > > On my start-site the user can log in via inserting Username and Password > into normal formfields, which are compared with a DB. > > After this login, he can change to his own user-directory which is .htpasswd > and .htaccess protected. Thats the reson he has to insert his Username and > Password again ;( > > My Question: > > Is there a way, so the user has to insert his data only once? > > I've also tried it by doing a authentification like this first: > > <?php > if (!isset($_SERVER['PHP_AUTH_USER'])) { > Header("WWW-Authenticate: Basic realm=\"My Realm\""); > Header("HTTP/1.0 401 Unauthorized"); > echo "Text to send if user hits Cancel button\n"; > exit; > } else { > echo "Hello {$_SERVER['PHP_AUTH_USER']}"; > echo "<p>You entered {$_SERVER['PHP_AUTH_PW']} as your password.</p>"; > } > ?> > > but it doesn't work for me, because when switching to the userdirs, the > .htaccess authentification window pops up again (it is the same pwd and uid > in the DB and the .htpasswd) ;( > > Thank you in advance, > > Michael -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php