using PHP with .htaccess files.
Posted: Thu Jun 20, 2002 1:51 pm
Here is my question. It involves using PHP and apache's .htaccess files.
What I basically want to know is, how do I redirect a bas user after a failed Authentication attempt.
Example:
One PHP script checks to see if $PHP_AUTH_USER is set and if not calls
header( sprintf("WWW-authenticate: basic realm=\"%s\"", $g_auth_realm ));
header( "HTTP/1.0 401 Unauthorized" );
to get them to provide a username and password. Now, how to I check that against the .htaccess and .htpasswd files I have in a subdirectory below the script.
The way I have it working now is that I check to see if $PHP_AUTH_USER is set, and if it is, I send them to the page that is a directory down behind the .htaccess file. Working that way, if they are an invalid user, they are prompted again, if they hit cancel, they get the 401 page. I want to give them a custom error message instead of the generic 401 page.
Any ideas on how to avoid the 401 page?
What I basically want to know is, how do I redirect a bas user after a failed Authentication attempt.
Example:
One PHP script checks to see if $PHP_AUTH_USER is set and if not calls
header( sprintf("WWW-authenticate: basic realm=\"%s\"", $g_auth_realm ));
header( "HTTP/1.0 401 Unauthorized" );
to get them to provide a username and password. Now, how to I check that against the .htaccess and .htpasswd files I have in a subdirectory below the script.
The way I have it working now is that I check to see if $PHP_AUTH_USER is set, and if it is, I send them to the page that is a directory down behind the .htaccess file. Working that way, if they are an invalid user, they are prompted again, if they hit cancel, they get the 401 page. I want to give them a custom error message instead of the generic 401 page.
Any ideas on how to avoid the 401 page?