Jump to content

Archived

This topic is now archived and is closed to further replies.

rafdre

login with PHP - folder protected with .htaccess

Recommended Posts

Hello,

I am trying to find a solution for simple logon script in PHP (but not copy existing one, but try to write and understand it by myself, anyway: free scripts I have found do not solve my problem).

I am using PHP 5.0.4 installed on Fedora 4.
I want to use .htaccess file in order to protect the folder.

Let me explain my problem in details:

1) I have created folder ABC where I put .htaccess file like this:

AuthType Basic
AuthName "test for authorization"
AuthUserFile /var/www/html/passwd/password
Require user raf

2) I have added user “ raf “to the file password stored in /var/www/html/passwd/

3) I have created file test.html in protected folder

4) When I tried to open a file in Browser I was asked for user and password, which works fine.

...and here begins my problem.
I don't like window generated by Apache. I want that users will see nice page with logon form, on which user name and password can be entered.

In order to do this I have created file welcome.html with form like this:

<form method="POST" action="login.php">
<input type="text" size=10 maxlength=10 name="formUser">
<input type="password" size=10 maxlength=10 name="formPassword">
<input type="submit" value="Log in">
</form>

My login.php file looks like this:

<?php
$user = $_POST['formUser'];
$pass = $_POST['formPassword'];

if (!isset($user) || !isset($pass))
return false;
?>
<html>
<body>
<?php

$_SERVER['PHP_AUTH_USER'] = $user;
$_SERVER['PHP_AUTH_PW']= $pass;
$test1 = $_SERVER['PHP_AUTH_USER'];
$test2 = $_SERVER['PHP_AUTH_PW'];

print ("Your user: $test1 <br> Your Password : $test2");
?>

</body>
</html>

Files welcome.html and login.php are one level higher than folder ABC.
After I have opened welcome.html I have entered valid user name (raf) and password as defined in .htaccess and password file. As result I saw the message:
Your user: raf
Your Password : raf

Which means login.php works fine.
If I try to open test.html stored in the folder ABC I am asked for user and password. Why? I though Apache has registered this after login.php was executed (with $_SERVER['PHP_AUTH_USER']).
What I am doing wrong? How should I do it correctly?
How can I avoid standard prompt window and pass user and password to Apache in that way (via login.php), that I will be not asked again to enter this and display standard logon window?

Next question: how can I log off and enter folder with different user.

Regards
Rafal

Share this post


Link to post
Share on other sites
Did you ever get a resolution to this? This is exactly what I am trying to do with similar results.....

Thank you.

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.