js_280 Posted March 6, 2006 Share Posted March 6, 2006 This may not be the correct forum to post this in, but is there a way to embed a username/password (or pass $PHP_AUTH_USER / $PHP_AUTH_PW) into a php script to redirect a user that has already logged in through a php/mysql portal to an htaccess protected directory WITHOUT having to login through the Apache login prompt? The [a href=\"http://username:password@www.yoursite.com\" target=\"_blank\"]http://username:password@www.yoursite.com[/a] redirect no longer works with IE6 or many other web browsers. I don't have direct access to the htaccess file, so changing the file is not an option. Basically, I have client folders set up on the webhost and when the client logs in through php/mysql interface, he/she is passed to ./clientdirectory/main.php. When he/she reaches the directory, the php script (main.php) reads all of the files in the directory and creates an html link to download the files. The main.php script checks to see that a session is registered and that the client is in their correct directory, however if someone knew the exact filename of one of the files in that client's folder, they could download it directly by entering the url (www.yoursite.com/client1/file.txt) because their is nothing to check for a registered session or correct directory.If there is no way to do this, is there a way to prevent the files from being downloaded and still allow scripts to process? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.