problems with htaccess password protection of file included in website wrapper

[Guest kilbad]

I have my index.php script shown below.  I have set it up so that I can call a file into the webpage wrapper based on a passed variable name.  However, I am having a problem.  Let's say I want to view the photos.php page in the wrapper.  I would have the URL http://www.example.com/index.php?id=photos (I will refer to this as URL1)  and this works fine.  If I wanted to view just the photos page without the wrapper my URL would be http://www.example.com/photos.php (we'll call this URL2) and this works fine.  However, now with regard to htaccess password protection of the photos.php file.. If I use the following code shown below, I get the user/pass popup box with URL2 but NOT URL1.  How do I get htaccess to protect the file in the case of URL1?

index.php::[code]
<?php

$id = $_GET['id'];


if ($id == "")

{
include 'header.php';
include 'frontpage.php';
include 'footer.php';
}

else

{
if (file_exists("$id.php")) {
 
include 'header.php';
include "$id.php";
include 'footer.php';

} else {

include 'header.php';
include 'error.php';
include 'footer.php';

}
}


?>
[/code]

.htaccess::[code]
<FilesMatch "(photos).php$">
AuthName "Restricted Area"
AuthType Basic
AuthUserFile /example/.htpasswd
AuthGroupFile /dev/null
require valid-user
</FilesMatch>
[/code]