Welcome to the MacNN Forums.

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

You are here: MacNN Forums > Software - Troubleshooting and Discussion > Developer Center > PHP/Apache/MySQL/.htaccess question!

PHP/Apache/MySQL/.htaccess question!
Thread Tools
Simon Mundy
Grizzled Veteran
Join Date: Jun 2001
Location: Melbourne, Australia
Status: Offline
Reply With Quote
Feb 10, 2002, 03:50 AM
 
Hope someone can give me a few pointers on a restricted access section of my site that I'm playing with.

I know how to protect a folder (and its subsequent folders) with .htaccess.

I know how to keep a database of username/passwords in MySQL and how to maintain an authenticated session using Apache and MySQL.

But what I want to know is - can I setup a situation whereby a user can enter their username/password using a standard HTML form, have PHP/MySQL authenticate that l/p, redirect the user to a folder that I've specified, then have a session automatically authenticate against the settings I've specified in the .htaccess file?

Since the different folders would contain some client test sites, I don't want to have to modify all the pages into PHP files to perform the authentication check for every page (major pain!), so I'm looking for a way for PHP to work with the server directly to save myself some work.

Any ideas?
Computer thez nohhh...
     
ReggieX
Professional Poster
Join Date: Oct 2000
Location: Toronto, ON
Status: Offline
Reply With Quote
Feb 12, 2002, 01:46 AM
 
A faster/better way would be to just password protect the folders with .htaccess, and send the right URL to the clients you want. When they go to the URL provided, a standard login dialog box will appear.

You need shell access (either Telnet or SSH) to the web server, but it's pretty easy to do:
Good tutorial
The Lord said 'Peter, I can see your house from here.'
     
Simon Mundy  (op)
Grizzled Veteran
Join Date: Jun 2001
Location: Melbourne, Australia
Status: Offline
Reply With Quote
Feb 12, 2002, 03:09 PM
 
Originally posted by ReggieX:
<STRONG>A faster/better way would be to just password protect the folders with .htaccess, and send the right URL to the clients you want. When they go to the URL provided, a standard login dialog box will appear.

You need shell access (either Telnet or SSH) to the web server, but it's pretty easy to do:
Good tutorial</STRONG>
Thanks ReggieX, but I'm not too keen on the standard input box. Call me retentive, but I'd prefer to make my own snappy-looking form. Besides, the passwords from these dialogs are sent as plain text over the network which isn't super-safe.

I've already got the folders protected with .htaccess - my ISP has a great CGI which allows full administration of users / groups / permissions, etc.

But I really wanted to know if I could do a 'soft' authentication with PHP - by setting the variables $PHP_AUTH_USER and $PHP_AUTH_PW from the data I've just entered in a login form

So using a header location to redirect to the correct folder, I'm hoping that a user will stay authenticated if the login and password variables match values within the .htaccess / .htpassword files.

I haven't tried this yet - time is at a premium at the moment! I just wanted to talk this through aloud to see if anyone could confirm / deny this or had any bright ideas.
Computer thez nohhh...
     
   
Thread Tools
Forum Links
Forum Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On
Top
Privacy Policy
All times are GMT -5. The time now is 06:05 PM.
All contents of these forums © 1995-2011 MacNN. All rights reserved.
Branding + Design: www.gesamtbild.com
vBulletin v.3.8.7 © 2000-2011, Jelsoft Enterprises Ltd., Content Relevant URLs by vBSEO 3.3.2