Jump to content

Can You Bypass the htaccess popup with PHP

perficut

By perficut
in PHP Coding Help

 Share

Recommended Posts

perficut Member

perficut

Posted
Posted

I've finally gotten my htaccess/htpassword scripts working and now I would like to know if its possible to eliminate the popup login. Perhaps use a form login and pass the parameter to htaccess? 

 

I've done a search and see that adding the username:password to the URL does this but when I do so, I get http/username:password@www.secretpage.html not found.

 

 

MadTechie Regular Member

MadTechie

Posted
Posted

It "could" be a problem with your IE7....if you can get someone else to check it would be useful

 

 

the likely fix

Register the following Internet Explorer dll files

Click Start, click Run, type:
Regsvr32 jscript.dll
Regsvr32 softpub.dll
Regsvr32 mssip32.dll
Regsvr32 initpki.dll
Regsvr32 msxml3.dll
Now optimize Internet Explorer for browsing secured sites

Open Internet Options, make the folowing changes
General Tab\ Delete...\
Delete cookies, temporary internet files
Security Tab
Reset all zones to Default
Privacy Tab
Reset to default
Content Tab
Clear SSL State
Programs Tab
Reset Web Settings
Advanced Tab\ Security
Check SSL 2.0 & 3.0
Un-Check Use TLS 1.0
Restore Defaults

 

or a repair IE7

http://support.microsoft.com/kb/917964

perficut Member

perficut

Posted
  • Author
Posted

I just tried your suggestion and apparently I do NOT have the  initpki.dll  installed. I get an error to the effect of file not found.

 

I made all the other adjustments, and when I try to enter the private section again and get the same messgae.  "windows can not find .... check the spelling and try again."

 

perficut Member

perficut

Posted
  • Author
Posted

tried it on IE6 at work. Same problem, different message. Got the default page not found message with IE6.

 

You can check it out if you want.

 

http://rob:rob@mdsnowremoval.com/private/index.htm

 

of course the login id is rob and the pw is rob.

 

I posted on another forum and was told that passing the id:pw this way has been a known security issue and to cause problems. I'm thinking of maybe finding another way to secure things. I already store the user info in an sql database. so if I can find some way to use php to access and verify the login info this might be easier.

 

MadTechie Regular Member

MadTechie

Posted
Posted

After some tests, it seams there is no workaround. The automatic login option in IE works with

integrated authentication only. This is because basic authentication, exposes the password (at both the network and application layers)

 

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.