I am trying to find a solution for simple logon script in PHP (but not copy existing one, but try to write and understand it by myself, anyway: free scripts I have found do not solve my problem).
I am using PHP 5.0.4 installed on Fedora 4.
I want to use .htaccess file in order to protect the folder.
Let me explain my problem in details:
1) I have created folder ABC where I put .htaccess file like this:
AuthName "test for authorization"
Require user raf
2) I have added user “ raf “to the file password stored in /var/www/html/passwd/
3) I have created file test.html in protected folder
4) When I tried to open a file in Browser I was asked for user and password, which works fine.
...and here begins my problem.
I don't like window generated by Apache. I want that users will see nice page with logon form, on which user name and password can be entered.
In order to do this I have created file welcome.html with form like this:
<form method="POST" action="login.php">
<input type="text" size=10 maxlength=10 name="formUser">
<input type="password" size=10 maxlength=10 name="formPassword">
<input type="submit" value="Log in">
My login.php file looks like this:
$user = $_POST['formUser'];
$pass = $_POST['formPassword'];
if (!isset($user) || !isset($pass))
$_SERVER['PHP_AUTH_USER'] = $user;
$test1 = $_SERVER['PHP_AUTH_USER'];
$test2 = $_SERVER['PHP_AUTH_PW'];
print ("Your user: $test1 <br> Your Password : $test2");
Files welcome.html and login.php are one level higher than folder ABC.
After I have opened welcome.html I have entered valid user name (raf) and password as defined in .htaccess and password file. As result I saw the message:
Your user: raf
Your Password : raf
Which means login.php works fine.
If I try to open test.html stored in the folder ABC I am asked for user and password. Why? I though Apache has registered this after login.php was executed (with $_SERVER['PHP_AUTH_USER']).
What I am doing wrong? How should I do it correctly?
How can I avoid standard prompt window and pass user and password to Apache in that way (via login.php), that I will be not asked again to enter this and display standard logon window?
Next question: how can I log off and enter folder with different user.
login with PHP - folder protected with .htaccess
1 reply to this topic
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users