Search the Community

Hello once again! On my server there exists a directory that I have used cPanel to protect (as it has some pdf files I want to keep from unauthorized users). For our purposes, let's say the directory is named "secure", the realm is "zone", and I have created a user with the name "Aladdin" and the password "magicwand". These are not real values, but let's just pretend they are. Here's what I want to have happen: User logs in to site account system (which I've built). User visits a page, say authorize.php, which essentially authorizes the user to the secure directory. User is redirected to secure/index.php without needing to enter a username and password. Is this possible? Here is my (modified) authorize.php file. <?php // perform login check (Is the user logged in to a site account?) - if yes, sets $loggedin to true if($loggedin) { $permission = $row['math']; // Retrieve permission from the database. if($permission == 0) { // If the user's account has not been authorized... header('Location: index.php?permissionDenied=true'); // redirect them to the main page and inform them } else { // You have permission! Proceed! header('Authorization: Basic '.base64_encode('Aladdin:magicwand')); header('Location: secure/index.php'); // obviously substituting in the full URL of the index page. } } With this code, the user is still prompted for the credentials of realm "zone" at secure/. Thanks for your help!