[PHP] Re: .htaccess authentification problem

[Michael Hübner]

Hi Catalin,

Thanks for your response.

I don't wont to do it this way, because I use the apache-module providing
automatic directory indexing. It is very fast and I don't have to program a
directory indexing by my own. Actually my server is only a Pentium 100 and
generating an index via php slows my machine down. But  maybe I don't
understand the hole thing: Is there a way to use apache's automatic
directory indexing and authentication with PHP at the same time?

Michael


Catalin Trifu [EMAIL PROTECTED] schrieb im Newsbeitrag
news:[EMAIL PROTECTED]
 Hi,

 When using .htaccess files the request does not reach
 your scripts untill Apache has done his authentication.
 So, I suggest you take out the .htaccess part for authentication
 and deal with it only from PHP; for instance with sessions:
 1. Ask for user/pass on first page and authnticate against DB
 2. If ok, put it in the $_SESSION
 3. When in the user dir, check his session and if he/she is not
 authenticated make authentication with PHP (your code below)


 Hope this helps,
 Catalin

 Michael HüBner [EMAIL PROTECTED] wrote in message
 news:[EMAIL PROTECTED]
  Hallo,
 
  Hope somebody can help me.
 
  I'm working on Linux, Apache.
 
  On my start-site the user can log in via inserting Username and Password
  into normal formfields, which are compared with a DB.
 
  After this login, he can change to his own user-directory which is
 .htpasswd
  and .htaccess protected. Thats the reson he has to insert his Username
and
  Password again ;(
 
  My Question:
 
  Is there a way, so the user has to insert his data only once?
 
  I've also tried it by doing a authentification like this first:
 
  ?php
if (!isset($_SERVER['PHP_AUTH_USER'])) {
 Header(WWW-Authenticate: Basic realm=\My Realm\);
 Header(HTTP/1.0 401 Unauthorized);
 echo Text to send if user hits Cancel button\n;
 exit;
  } else {
  echo Hello {$_SERVER['PHP_AUTH_USER']};
  echo pYou entered {$_SERVER['PHP_AUTH_PW']} as your
password./p;
}
  ?
 
  but it doesn't work for me, because when switching to the userdirs, the
  .htaccess authentification window pops up again (it is the same pwd and
 uid
  in the DB and the .htpasswd) ;(
 
  Thank you in advance,
 
  Michael

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] .htaccess authentification problem

[Michael Hübner]

Hallo,

Hope somebody can help me.

I'm working on Linux, Apache.

On my start-site the user can log in via inserting Username and Password
into normal formfields, which are compared with a DB.

After this login, he can change to his own user-directory which is .htpasswd
and .htaccess protected. Thats the reson he has to insert his Username and
Password again ;(

My Question:

Is there a way, so the user has to insert his data only once?

I've also tried it by doing a authentification like this first:

?php
  if (!isset($_SERVER['PHP_AUTH_USER'])) {
   Header(WWW-Authenticate: Basic realm=\My Realm\);
   Header(HTTP/1.0 401 Unauthorized);
   echo Text to send if user hits Cancel button\n;
   exit;
} else {
echo Hello {$_SERVER['PHP_AUTH_USER']};
echo pYou entered {$_SERVER['PHP_AUTH_PW']} as your password./p;
  }
?

but it doesn't work for me, because when switching to the userdirs, the
.htaccess authentification window pops up again (it is the same pwd and uid
in the DB and the .htpasswd) ;(

Thank you in advance,

Michael

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php