create htaccess & htpasswd useing PHP and MySQL
I need a little help....but almost there!
I need to use .htaccess to password protect my site....that bits easy...this is the painful bit ( painful for me anyway )
I have this script that uses a form to process the username and password correctly:
So.......I need to use this info in one of the two following ways:
if ( isset($_POST[user]) && isset($_POST[password1]))
if( $_POST[password1] == $_POST[password2] )
/*$pfad = $DOCUMENT_ROOT . dirname($PHP_SELF) . "/.htpasswd";
$safe= dirname ($PHPSELF);
$htaccess_text = "AuthType Basic\n".
$user = $_POST[user];
$password1 = $_POST[password1];
for ($i = 0; $i < count ($user); $i++)
$htpasswd_text .= "$user[$i]:".crypt($password1[$i],CRYPT_STD_DES)."";
echo "First make a file called .htaccess put this in it:<br><br>
AuthName \"Password Protected Directory\"<br>
Then make a file called .htpasswd. Below is the text you need to enter into your .htpasswd file, then upload both the file to the directory you want to protect!";
echo "<b>Passwords do not match</b>";
1: store the usename and password in my mysql data base and use somthing like:
to check the usename and password....I have the apache module (mod_auth_mysql) installed for this
AuthName "Authorization Required"
2: write the username and password to a .htpasswd file on the server in the appropriate directory.
OK...I need some help with the option thats best so please advise on the best way to go!
These are my problems and things I have to concider
firstly....the site is a microsite...and one of many....Id like to manage all access from this form creating the username and password.....so...the thing to consider here is that each microsite has its own unique user_id in the database so if I was to go with option 1 then I'd need some way of selecting the correct table of usernames and password based on the user_id
so...question is...can that script above that conects to the database and gets the usernames and password select from a table based on a unique user_id?
if not then i'm off to option 2...
so...option 2....how do I use the form to get the username and password then write this to a .htpasswd file in a given directory
and...is this recomended...please tell me if I'm going the wrong way about this.
Lastly...I need to be able to have the .htaccess file enabled and disabled, depending on if I have need for it on that particular microsite...so...this would be in the form too, it would be a simple tick box to say "password protect - ON/OFF"
so....if OFF then the .htaccess file doesn't try and varify the visitor....then if ON tyen the .htaccess file trys the varify the user using the username and password in either the database od the .htpassword file (depending on the option I take with the passwords)
I'm a bit unsure how to go about this...
OK....hope this all makes sence and someone can help out.
For me, coming from a database background I'd use the DB all the way, I don't bother with .htaccess. I would use the user_id as session variable and if every user has a different directory then include that in a field in the DB table then when successfully logged in they are redirected to that directory.
thanks Aussie Girl
I may go that way with the microsite but the problem I have is a sub directy that contains mp3s that are linked to from an RSS feed that I need to protect....if I subscribe in iTunes for example...the only way (I know) is to use htaccess to protect the directiry (and Mp3 files contain) with a password......can this be done a different way?
Again I would create a database table with links to the MP3 files, then when people have successfully logged in they would get access to the .php file that lists all the MP3 available using a SELECT statement and on the top of that page would be the session or cookie info whatever you decide to use, if ok, show files, if not redirect them back to login page. I can't offer much advice on the RSS feed though..
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)