Here is my question. It involves using PHP and apache's .htaccess files.
What I basically want to know is, how do I redirect a bas user after a failed Authentication attempt.
Example:
One PHP script checks to see if $PHP_AUTH_USER is set and if not calls
header( sprintf("WWW-authenticate: basic realm=\"%s\"", $g_auth_realm ));
header( "HTTP/1.0 401 Unauthorized" );
to get them to provide a username and password. Now, how to I check that against the .htaccess and .htpasswd files I have in a subdirectory below the script.
The way I have it working now is that I check to see if $PHP_AUTH_USER is set, and if it is, I send them to the page that is a directory down behind the .htaccess file. Working that way, if they are an invalid user, they are prompted again, if they hit cancel, they get the 401 page. I want to give them a custom error message instead of the generic 401 page.
Any ideas on how to avoid the 401 page?
using PHP with .htaccess files.
Moderator: General Moderators
Actually, that is something you would set in httpd.conf for Apache, though I also believe you can set it in a .htaccess file. I imagine it works like a 404 file.
Just a question, what are you using .htaccess for? Why not use PHP? Nothing wrong with the way you are doing it...just curious. What is the use for a signup area like this?
Just a question, what are you using .htaccess for? Why not use PHP? Nothing wrong with the way you are doing it...just curious. What is the use for a signup area like this?
I don't want to replace the default 401 for the entire site, just for this one case.jason wrote:Actually, that is something you would set in httpd.conf for Apache, though I also believe you can set it in a .htaccess file. I imagine it works like a 404 file.
I've looked over the .htaccess documentation, and I can't find a way to define a place to send the user if the authentication fails.
I would rather just do it in php and oracle, but I have to do it with .htaccess instead. Not my decision, just my problem. *sigh*jason wrote:Just a question, what are you using .htaccess for? Why not use PHP? Nothing wrong with the way you are doing it...just curious. What is the use for a signup area like this?
Did a little searching for this.
http://httpd.apache.org/docs-2.0/misc/c ... rdocs.html
This appears to be what you want
It shows how to define the 401 page just for that particular directory.
http://httpd.apache.org/docs-2.0/misc/c ... rdocs.html
This appears to be what you want
- twigletmac
- Her Royal Site Adminness
- Posts: 5371
- Joined: Tue Apr 23, 2002 2:21 am
- Location: Essex, UK