Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Server Operation

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 3rd November 2005, 21:41
Joe-Montana Joe-Montana is offline
Junior Member
 
Join Date: Oct 2005
Posts: 11
Thanks: 0
Thanked 0 Times in 0 Posts
Default .htaccess PHP - Hobe it make sence.

Hey All

i would like to use .htaccess to protect a folder, i know how to do it with the, "htpasspwd" and put the .htaccess in the folder.

Is there any way that i can get htaccess to include a php file to check user and password. instead of using the htpasspwd file


##### if u know what i mean ################

AuthName "restricted stuff"
AuthType Basic
AuthUserFile userfile.php

require valid-user

####################

########## userfile.php #######
<?php

//prevents caching
header("Expires: Sat, 01 Jan 2000 00:00:00 GMT");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: post-check=0, pre-check=0",false);
session_cache_limiter();
session_start();

require('../../siteuser/config.php');
require('../../siteuser/functions.php');

if (allow_access(user) != "yes") {
{
include ('../../siteuser/no_access.html');
exit;
}
?>

Hobe it make sence.

Best Regard

Joe Montana
Reply With Quote
Sponsored Links
  #2  
Old 4th November 2005, 09:47
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,735 Times in 2,571 Posts
Default

No that doesn't work. Have a look here: http://httpd.apache.org/docs/1.3/mod/mod_auth.html

It reads:
Quote:
The AuthUserFile directive sets the name of a textual file containing the list of users and passwords for user authentication. File-path is the path to the user file. If it is not absolute (i.e., if it doesn't begin with a slash), it is treated as relative to the ServerRoot.

Each line of the user file contains a username followed by a colon, followed by the crypt() encrypted password. The behavior of multiple occurrences of the same user is undefined.
But you can do authentication with PHP, without .htaccess. It works like this:

PHP Code:
<?
    
// checks if you have entered a username and a password
    
if (!$_SERVER['PHP_AUTH_USER'] || !$_SERVER['PHP_AUTH_PW'])
    {
        
// if empty, send header causing dialog box to appear
        
header('WWW-Authenticate: Basic realm="Admin"');
        
header('HTTP/1.0 401 Unauthorized');
        echo 
"Authorization Required.";
        exit;
    }
    else
    {
        
// check if the username and password are correct
        
if (($_SERVER['PHP_AUTH_USER'] == "demo") && ($_SERVER['PHP_AUTH_PW'] == "demo"))
        {
            
// dispay happy message and admin stuff
            
echo "Welcome!";
        }
        else
        {
            
// display angry message for invalid user
            
die("Oops! That didn't work...");
        }
    }
?>
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #3  
Old 4th November 2005, 21:50
Joe-Montana Joe-Montana is offline
Junior Member
 
Join Date: Oct 2005
Posts: 11
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Thaks again Falko,

Ok its maby me that eksplain it a bad way, the php script i have inlcude works fine as long as i include it on a site that i want to protect.


########## www.mysite.dk/user/index.php #######
<?php

//prevents caching
header("Expires: Sat, 01 Jan 2000 00:00:00 GMT");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: post-check=0, pre-check=0",false);
session_cache_limiter();
session_start();

require('../../siteuser/config.php');
require('../../siteuser/functions.php');

if (allow_access(user) != "yes") {
{
include ('../../siteuser/no_access.html');
exit;
}
?>
<HTML>
<HEAD>
<TITLE>mysite</TITLE>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=windows-1251">

</HEAD>
<BODY BGCOLOR=#999999

<iframe src="/user/main.php" frameborder="0" name="main" scrolling="no" height="1000" width="902"></iframe>

</BODY>
</HTML>
################################

My php script checks in my sql database if user is loocked in.

connect to www.mysite.dk you will meet a normal form for user and password, if user is ok it will redirect to www.mysite.dk/user/index.php everything is god and work.


Now ex. if you connect direct to www.mysite.dk/user/index.php it meet the php script i have include, and if you not are loocked ind it will send you to www.mysite.dk. Everything is fine so fare.

The problem is that you can still get access to www.mysite.dk/user/audio.mp3

I would like to put a file in that folder (www.mysite.dk/user/) that no mater what, the server will read that file first and in that file i will include my php script.

Hobe You understand, and sorry about my spelling

/Joe
Reply With Quote
  #4  
Old 5th November 2005, 01:36
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,735 Times in 2,571 Posts
 
Default

You could write a script that is run by a con job and reads your users and their passwords from the database and puts them into a plain text file which you can include in your .htaccess file (see http://httpd.apache.org/docs/1.3/mod/mod_auth.html ).
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
cpan> install DB_File make error Nu2Linux HOWTO-Related Questions 6 13th April 2012 22:06
[error] an unkown filter was not added: PHP Arien Installation/Configuration 12 7th October 2006 14:17
Installation Problems right after php building nagual Installation/Configuration 3 31st October 2005 10:28
Installation Problems right after php building nagual Installation/Configuration 1 31st October 2005 08:30
FC3 Perfect Installation Make Errors solderboy HOWTO-Related Questions 3 2nd October 2005 16:55


All times are GMT +2. The time now is 15:31.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.