I cannot quote any statistics for you, but I think I can answer your question anyway.
When you use htaccess along with htpassword or authmysql, everytime a person requests a page in a protected dirtectory apache has to access the htaccess file, determine the type of authentication to use and then pass authentication on to (for example) authmysql. Just because you only see a login prompt one time does not mean that this happens only once. With every new page request this proceedure is called into play over and over again. Although I have no statistical evidence to back uo this assertion, I can tell you from experience and common sense that there is no way that autoprepending a simply session script is going to take more system resources than the apache authentication method outlined above. Fred Jeff Hill <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Well, your the expert, so I'll look into this further, but do you have > any statistics, or a guess, as to the load auto_prepending an entire > site would add to a server? > > I've always been under the impression that adding PHP to every page will > add significant load. I'm not familiar enough with session management, > but it seems like your setup would add a heavy load? > > Currently, only a small portion of our pages are PHP -- those linking > into databases and covering the front end negotiation. > > Again, your the expert, so I'll just have to do some research. Thanks > for the suggestion. > > Jeff > > Fred wrote: > > > > I always write my own authentication scripts in PHP using PHP's built in > > session management. If you want to protect entire directories or sites, > > just add the authentication routine to your auto_prepend file and it will > > work for any page you are trying to authenticate. > > > > If set up correctly it works really well, because a user can enter the site > > from any page (perhaps from a bookmark) and if they are not logged in they > > will get a login prompt and once logged in will go directly to whatever page > > they were trying to access. > > > > Furthermore, if you write your own authentication script for use in > > auto_prepended files, you can use it with little or no modification on any > > site you desire. > > > > Fred -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
