passing login info to .htaccess

Forum Moderators: phranque

Message Too Old, No Replies

passing login info to .htaccess

ThePosob

2:40 am on Jan 6, 2007 (gmt 0)

I have a site where there are many folders, each with their own .htaccess/.htpasswd protection. As of now, I have a script, in which the user login in, php validates the user using an SQL table, and then forwards that user to the proper directory.
The user is then prompted to login again. Is there anyway to pass the information to the .htaccess file since the user has already been validated, and prevent having to login twice?
Thanks!

eelixduppy

2:48 am on Jan 6, 2007 (gmt 0)

Welcome to WebmasterWorld, ThePosob!

Have you considered using Sessions [us3.php.net]? It should make your project much easier and they'll only have to login once. After the first login you can redirect them using header [us3.php.net].


header("Location: /their/directory/index.html");

Good luck! :)

jdMorgan

2:52 am on Jan 6, 2007 (gmt 0)

See Apache core "Satisfy any" directive.

In conjunction with mod_auth and mod_access, a check using mod_rewrite or setenvif for a "logged in" session cookie to set an environment variable, may enable you to by-pass the Apache login.

You may find a better way based on the info your login script maintains, but the "Satisfy any" is the key to bypassing the mod_auth/mod_access login.

Jim

ThePosob

3:25 am on Jan 6, 2007 (gmt 0)

so then am i to understand that sessions replaces .htaccess?
i am new to sessions, familar with header(), but after reading through alot of the sessions documentation, don't exactly see how this solves the issue

ThePosob

3:53 am on Jan 6, 2007 (gmt 0)

I figured there should be some way to simply pass the login/password into the .htpasswd, especially as .htaccess works so seemlessly with SQL (I have it setup to pull users and password from my database). Especially as [php.net...] shows how you can do the reverse, pull the info the .htpasswd already has.
Is there no simple solution?