I need to require username/password access in two distinct ways. At one level, I need to protect all files except .php files within a directory structure. I can do this with htaccess using the <FilesMatch> directive. I also need to serve up database driven content via username/password at another. I'm doing this via sessions and php. I want the same username and password to work for both. I don't know how to restrict access to the non-php files with php. Is there a way? If not, is there a way that the username/password info stored in the session var can be used in conjunction with the htaccess file so if the user has already logged in via the session system, they don't have to then enter the same data again via http authentication? ____________________ Kelly Meeks Right Angle, Inc. PO Box 356 Northampton, MA 01060 413-586-4694 ext. 11
