Welcome aboard, znewhsam!

Depending on the setup at the receiving end, you can often pass login info using the following syntax:

http://username:password@serveraddress/page/

Hope that does it!

thanks, but unfortunatley not, i have made a php script that stores username and passwords in cookies, is this what apache uses? or is the message box the only way to login? thanks for your help
znewsham

Message box? Are you restricting access using .htaccess?

yeah i am, i thought that was the only was to implement authentication on a whole directory, whilst keeping the directory view, thats what i really need it for, to allow access so a certain user can view the content of a page

Actually, .htaccess is not the preferred method:

Putting authentication directives in a <Directory> section, in your main server configuration file, is the preferred way to implement this, and .htaccess files should be used only if you don't have access to the main server configuration file.

I think the answer to your question about requiring more than one login can be found in the Apache docs:

[httpd.apache.org...]

(See the "Getting it Working" section and read carefully. It discusses exactly the issue you want to learn about.)

Also see [httpd.apache.org...] for an example of using default password/user files for authentication. (Section "Apache Tutorial: .htaccess files".)

HI, thanks for the help, but i am not sure that that is the problem, i cant edit the main configuration file because the program creates the .htaccess file automatically and fills it with the correct content. The problem as i see it is, that i can make the .htaccess files work in the directories, however i cant integrate them with any part of my php script, or access the username from cookies, and my php script, which stores usernames and passwords as cookies so that each page can check them, cant integrate with the apache login process, hence, when the user wants to leave a comment, for example, they have to go in using the php script, but when they want to view their directories, they have to log in via the apache message box, iregardless of wether they are already logged in. WHat i think i need to find, is a way of automatically sending the server the username and password of the member, if they are already logged in

thanks, and sorry for the long message
znewsham

How about using PHP for the whole thing, once they use the Apache login for initial access? The major change would be in viewing the contents of a directory, for which you would need to write a little PHP page that grabs the info and displays it.

1) User hits the directory for the first time
2) User logs into the Apache mechanism
3) Credentials stored in a cookie (as I understand it?)
Maybe they also need to log in using PHP ... can't tell how your app works
4) Everything else is authenticated by PHP

Using that type of setup they would only need to log into Apache once, and everything else is handled by PHP authentication based on the cookie data.

The Apache .htaccess login protects raw directory access, but page access is controlled by PHP.

Maybe?

that could work, get the user to sign in with apache at the main page, however they would still need to sign in with php for the pages, but only once, however apache does 'forget' the credentials once a browser closes. If i could find out what cookies apache uses i could make them co-operate, i will start looking into that now