Hi,
When using .htaccess files the request does not reach
your scripts untill Apache has done his authentication.
So, I suggest you take out the .htaccess part for authentication
and deal with it only from PHP; for instance with sessions:
1. Ask for user/pass on first page and authnticate against DB
2. If ok, put it in the $_SESSION
3. When in the user dir, check his session and if he/she is not
authenticated make authentication with PHP (your code below)
Hope this helps,
Catalin
"Michael HüBner" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> Hallo,
>
> Hope somebody can help me.
>
> I'm working on Linux, Apache.
>
> On my start-site the user can log in via inserting Username and Password
> into normal formfields, which are compared with a DB.
>
> After this login, he can change to his own user-directory which is
.htpasswd
> and .htaccess protected. Thats the reson he has to insert his Username and
> Password again ;(
>
> My Question:
>
> Is there a way, so the user has to insert his data only once?
>
> I've also tried it by doing a authentification like this first:
>
> <?php
> if (!isset($_SERVER['PHP_AUTH_USER'])) {
> Header("WWW-Authenticate: Basic realm=\"My Realm\"");
> Header("HTTP/1.0 401 Unauthorized");
> echo "Text to send if user hits Cancel button\n";
> exit;
> } else {
> echo "Hello {$_SERVER['PHP_AUTH_USER']}";
> echo "<p>You entered {$_SERVER['PHP_AUTH_PW']} as your password.</p>";
> }
> ?>
>
> but it doesn't work for me, because when switching to the userdirs, the
> .htaccess authentification window pops up again (it is the same pwd and
uid
> in the DB and the .htpasswd) ;(
>
> Thank you in advance,
>
> Michael
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
