Forum Moderators: phranque
I have a file structure like this:
myInternet
...login.htm // Page for entering password+name
...login.php // Checks password+name
...failure.htm // Password+name false
...myFolder1
...myFolder2
...myLogin
.....htaccess
.....htpasswd
.....welcome1.htm
.....welcome2.htm
...myFolder3
Welcome1 is loaded into an iFrame after password+name are correct. It contains a link which calls Welcome2.htm. WHENEVER I DO THIS, I GET ASKED BY A POP-UP WINDOW TO ENTER PASSWORD+USERNAME.
My QUESTIONS:
I understood, that everything contained within the myLogin folder is password protected after adding htaccess and htpasswd to this folder. Thus, in case I create subfolders, these are protected as well. Is this correct?
I have an interface asking for password and username on my site, which is checked with those contained in .htpasswd. This check works perfectly and I am led to the welcome1.htm. The thread to welcome1.htm would be .../myInternet/myLogin/welcome1.htm. When I press the link to welcome2.htm, it states ../myInternet/welcome2.htm, ignoring the fact that both documents are in the same folder. Any ideas why this is the case?
In case I explicitely tell him to go to welcome2.htm in ../myInternet/myLogin/welcome2.htm I am supplied with a pop-up window asking for username and password again. And I just entered it correctly on the interface. Any ideas for this one?
And any ideas, how I can tell him that after entering the folder myLogin, everything in this folder is free for display? Cookies, php storing variables, an entry in htaccess? I would prefer the use of just simple .htm files within this folder myLogin.
And yes, since everything in the folders is protected, it seems logic to be asked for access again. Do you have any ideas to this problem? Please help, i am at a complete loss right now.
I have an interface asking for password and username on my site, which is checked with those contained in .htpasswd. This check works perfectly and I am led to the welcome1.htm. The thread to welcome1.htm would be .../myInternet/myLogin/welcome1.htm. When I press the link to welcome2.htm, it states ../myInternet/welcome2.htm, ignoring the fact that both documents are in the same folder.
This sounds like badly formatted HTML; does the HTML reference the '../path/to/file.html' version?
In case I explicitely tell him to go to welcome2.htm in ../myInternet/myLogin/welcome2.htm I am supplied with a pop-up window asking for username and password again. And I just entered it correctly on the interface.
If all you want to do is protect the myLogin folder, you could skip the myInternet login stuff completely, and just have the .htaccess/.htpasswd files in myLogin. Of course, this may not work with your security/business model. =)
in the meantime, i have found at least part of my problem myself. with the second part of your answer you might just have given me the right hint what to search for. thanks for that, too.
it was not badly formatted html at all. the problem is that i simply have no idea how this apache stuff works (I started the day I wrote this thread). since yesterday - especially since i got no help - i have done loads of reading and i had such a stupid mistake in my .htaccess-file that i am still ashamed off. I had a wrong required username in it. thus, it - as you correctly stated - made a correct auth the first time (since it used my own interface), but when asking for the document in the subfolder, i was (and still am) asked to enter my username+password again, and the username was not identic to the one i had supplied in my .htaccess. Thus no entry.
The second thing i still have a problem with is, that this pop-up even turns up. But as you stated correctly, since i used my own interface Apache might not recognise the first auth. So i need something to deal with this. I hope php works here for me.
The third thing - and here i have found a solution already - is this damn cache storing username + password. But i have done some reading already and this should work.
So thanks for answering again.
