Jump to content

Archived

This topic is now archived and is closed to further replies.

js_280

Passing htaccess authorization with PHP?

Recommended Posts

This may not be the correct forum to post this in, but is there a way to embed a username/password (or pass $PHP_AUTH_USER / $PHP_AUTH_PW) into a php script to redirect a user that has already logged in through a php/mysql portal to an htaccess protected directory WITHOUT having to login through the Apache login prompt? The [a href=\"http://username:password@www.yoursite.com\" target=\"_blank\"]http://username:password@www.yoursite.com[/a] redirect no longer works with IE6 or many other web browsers. I don't have direct access to the htaccess file, so changing the file is not an option.

Basically, I have client folders set up on the webhost and when the client logs in through php/mysql interface, he/she is passed to ./clientdirectory/main.php. When he/she reaches the directory, the php script (main.php) reads all of the files in the directory and creates an html link to download the files. The main.php script checks to see that a session is registered and that the client is in their correct directory, however if someone knew the exact filename of one of the files in that client's folder, they could download it directly by entering the url (www.yoursite.com/client1/file.txt) because their is nothing to check for a registered session or correct directory.

If there is no way to do this, is there a way to prevent the files from being downloaded and still allow scripts to process?

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.