Christopher Deeley <chrisdeeleyuk@xxxxxxxxx> writes: > I would like to set up a user folder for each user on my site and > the only method I know to stop anyone but the user accessing that > folder is to use htaccess to require the valid user. I have PHP > running as a module on Apache. Is there a way to pass username & > password from a form to a php script which will set the values of > $_SERVER['HTTP_AUTH_USER'] and $_SERVER['HTTP_AUTH_PW'] ? I > currently have a page which does the usual pop-up login box thingy > so these values are set automatic but I would like to get rid of it. No, you have to use cookies if you want a Web form instead of the standard popup. You can use mod_perl and Apache::AuthCookie to do this without writing much code. > Also if there a way to logout? It's client-specific; Firefox provides a way to logout, IE does not. > I used to use sessions to validate the user and restrict access to > pages but I found people could still access pictures. Is there a way > to use a form based login (like I did before with sessions) and > still restrict access to a folder by only allowing one user in? I would also look into using Apache::AuthCookie to do this. ----Scott. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|