Jump to content


login with PHP - folder protected with .htaccess

  • Please log in to reply
1 reply to this topic

#1 rafdre

  • New Members
  • Pip
  • Newbie
  • 5 posts

Posted 21 June 2006 - 12:45 PM


I am trying to find a solution for simple logon script in PHP (but not copy existing one, but try to write and understand it by myself, anyway: free scripts I have found do not solve my problem).

I am using PHP 5.0.4 installed on Fedora 4.
I want to use .htaccess file in order to protect the folder.

Let me explain my problem in details:

1) I have created folder ABC where I put .htaccess file like this:

AuthType Basic
AuthName "test for authorization"
AuthUserFile /var/www/html/passwd/password
Require user raf

2) I have added user “ raf “to the file password stored in /var/www/html/passwd/

3) I have created file test.html in protected folder

4) When I tried to open a file in Browser I was asked for user and password, which works fine.

...and here begins my problem.
I don't like window generated by Apache. I want that users will see nice page with logon form, on which user name and password can be entered.

In order to do this I have created file welcome.html with form like this:

<form method="POST" action="login.php">
<input type="text" size=10 maxlength=10 name="formUser">
<input type="password" size=10 maxlength=10 name="formPassword">
<input type="submit" value="Log in">

My login.php file looks like this:

$user = $_POST['formUser'];
$pass = $_POST['formPassword'];

if (!isset($user) || !isset($pass))
return false;

$_SERVER['PHP_AUTH_USER'] = $user;
$_SERVER['PHP_AUTH_PW']= $pass;
$test1 = $_SERVER['PHP_AUTH_USER'];
$test2 = $_SERVER['PHP_AUTH_PW'];

print ("Your user: $test1 <br> Your Password : $test2");


Files welcome.html and login.php are one level higher than folder ABC.
After I have opened welcome.html I have entered valid user name (raf) and password as defined in .htaccess and password file. As result I saw the message:
Your user: raf
Your Password : raf

Which means login.php works fine.
If I try to open test.html stored in the folder ABC I am asked for user and password. Why? I though Apache has registered this after login.php was executed (with $_SERVER['PHP_AUTH_USER']).
What I am doing wrong? How should I do it correctly?
How can I avoid standard prompt window and pass user and password to Apache in that way (via login.php), that I will be not asked again to enter this and display standard logon window?

Next question: how can I log off and enter folder with different user.


#2 justhost

  • New Members
  • Pip
  • Newbie
  • 6 posts

Posted 10 March 2007 - 01:01 AM

Did you ever get a resolution to this? This is exactly what I am trying to do with similar results.....

Thank you.
Keith Gallant

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users