ColinDoody Posted January 9, 2007 Share Posted January 9, 2007 Hello everyone- I sure hope Im posting in the right section ...Anyways; I was really hoping someone could help me out with this. We are developing a website to showcase work for an organization, and we have hit a little road bump with authentication ... this organization already has a central database with usernames and passwords that are used throughout the system. The people who access the website will also need to be members of this organization, so we would like to obviously access this database directly so that people dont need to reregister usernames .After logging in, we then store information to that USERNAME in our own database. So, for example, if abc1234 were to use our showcase website, we would first want abc1234 to log in to gain access to the site (verifying that login with the central database) and then when abc1234 flagged something, we would have our own database saying "abc1234 flagged xxx"Make sense so far? hopefully ... anyways ... heres the issueThe organization has said the only way they would probably allow us to do "username verification" is using a .htaccess file. Using a .htaccess file it is VERY easy to check with the central database to allow or disallow access to certain features.My question ends up being this: as far as I know, to do a username/password check with .htaccess, all I have ever seen is that sort of ... secured directory thing where a window pops up and asks for both the username and password ... but since we need to do MORE with the username, that pop-up window is insufficient ... is there any way for us to allow the user to enter username and password via two forms on a webpage and use PHP (or any technology, if anyone out there is familiar with one) that allows us to then VERIFY that the user has logged in appropriately with the htaccess file and continue using that username value as a session variable to use it in our local database?... I sure hope that made sense :DThank you for any help you can offer Quote Link to comment https://forums.phpfreaks.com/topic/33475-htaccess-verification-and-php/ Share on other sites More sharing options...
HuggieBear Posted January 9, 2007 Share Posted January 9, 2007 Allow them to use .htaccess to log in to the central database and once authenticated, pass the username to your database using the $_SERVER['PHP_AUTH_USER'] and $_SERVER['PHP_AUTH_PW'] within PHP.RegardsHuggie Quote Link to comment https://forums.phpfreaks.com/topic/33475-htaccess-verification-and-php/#findComment-156695 Share on other sites More sharing options...
ColinDoody Posted January 9, 2007 Author Share Posted January 9, 2007 Thanks a lot Huggie :) I will present this info to my team and test it out ... and when it doesnt work Ill come running back to you crying ;DWill give it a go- thank you for the quick reply. Quote Link to comment https://forums.phpfreaks.com/topic/33475-htaccess-verification-and-php/#findComment-156722 Share on other sites More sharing options...
HuggieBear Posted January 9, 2007 Share Posted January 9, 2007 No problem!It might not work, but I'm pretty sure it does. It doesn't work the other way around, you can't login to a php site and set the values of those $_SERVER variables.RegardsHuggie Quote Link to comment https://forums.phpfreaks.com/topic/33475-htaccess-verification-and-php/#findComment-156723 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.