LinuxSA Mailing list archives

  From: Andrew Reid <andrew.reid@plug.cx>
  To  : nik [tm] <tmcruisin@sond.com.au>
  Date: Sat, 4 May 2002 14:04:46 +0930

Re: using php in htaccess flat-file

On Fri, May 03, 2002 at 03:03:11PM +0930, nik [tm] wrote:

> I am really just after opinions, I am currently setting up a web which will
> have user/pass access. I have looked into .htaccess and find that easy to
> use, but I am thinking of a good way to add/remove users into the flat-file.
> we will be adding these users and their passwords into a mydql db, which we
> will set whether they are valid or not and using php to get the valid users
> list.

Perhaps an easier way to go about this would be to get PHP to spit out
WWW-Authenticate (IIRC) headers and check that data against your MySQL
database.

It'd not take long to write an authentication library with functions
like require_auth($level), auth_user($username, $password). Just have
them do the header-spitting and you should be alright :-)

By putting require_auth() at the top of every page that you need to
have users authenticate to, it should (if the user isn't already
logged in) throw the WWW-Authenticate header, authenticate them and
probably set some sort of session variable to let you know that
they're logged in. Anyway, I'll leave the specifics to you :-)

There are plenty of resources on the Interweb detailing the how-to of
it all, but http://www.php.net/manual/en/function.header.php is a good
place to start.

   - andrew

-- 
| Andrew Reid [mailto:andrew.reid@plug.cx]
| Network Wrangler, Bit Herder
| C: +61-401-946-813  F: +61-8-8379-1093

-- 
LinuxSA WWW: http://www.linuxsa.org.au/  IRC: #linuxsa on irc.linux.org.au
To unsubscribe from the LinuxSA list:
  mail linuxsa-request@linuxsa.org.au with "unsubscribe" as the subject