Jump to content

login with PHP - folder protected with .htaccess


rafdre

Recommended Posts

Hello,

I am trying to find a solution for simple logon script in PHP (but not copy existing one, but try to write and understand it by myself, anyway: free scripts I have found do not solve my problem).

I am using PHP 5.0.4 installed on Fedora 4.
I want to use .htaccess file in order to protect the folder.

Let me explain my problem in details:

1) I have created folder ABC where I put .htaccess file like this:

AuthType Basic
AuthName "test for authorization"
AuthUserFile /var/www/html/passwd/password
Require user raf

2) I have added user “ raf “to the file password stored in /var/www/html/passwd/

3) I have created file test.html in protected folder

4) When I tried to open a file in Browser I was asked for user and password, which works fine.

...and here begins my problem.
I don't like window generated by Apache. I want that users will see nice page with logon form, on which user name and password can be entered.

In order to do this I have created file welcome.html with form like this:

<form method="POST" action="login.php">
<input type="text" size=10 maxlength=10 name="formUser">
<input type="password" size=10 maxlength=10 name="formPassword">
<input type="submit" value="Log in">
</form>

My login.php file looks like this:

<?php
$user = $_POST['formUser'];
$pass = $_POST['formPassword'];

if (!isset($user) || !isset($pass))
return false;
?>
<html>
<body>
<?php

$_SERVER['PHP_AUTH_USER'] = $user;
$_SERVER['PHP_AUTH_PW']= $pass;
$test1 = $_SERVER['PHP_AUTH_USER'];
$test2 = $_SERVER['PHP_AUTH_PW'];

print ("Your user: $test1 <br> Your Password : $test2");
?>

</body>
</html>

Files welcome.html and login.php are one level higher than folder ABC.
After I have opened welcome.html I have entered valid user name (raf) and password as defined in .htaccess and password file. As result I saw the message:
Your user: raf
Your Password : raf

Which means login.php works fine.
If I try to open test.html stored in the folder ABC I am asked for user and password. Why? I though Apache has registered this after login.php was executed (with $_SERVER['PHP_AUTH_USER']).
What I am doing wrong? How should I do it correctly?
How can I avoid standard prompt window and pass user and password to Apache in that way (via login.php), that I will be not asked again to enter this and display standard logon window?

Next question: how can I log off and enter folder with different user.

Regards
Rafal
Link to comment
Share on other sites

  • 8 months later...
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.