how to pass user and password to an .htaccess page using php

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
graziano
Forum Newbie
Posts: 9
Joined: Sat Dec 14, 2002 7:16 am

how to pass user and password to an .htaccess page using php

Post by graziano »

Hi all,

I have a webform to permit some user to login on neomail (Webmail software) ; on the webform they enter user ($user) and a password ($password) ; after that a simple php script was passing the $user and $password results in this way

<?
header("Location: http://$user:$password@mydomain.com/neomail.php");
?>

OK , it was working fine for years . It's stopped to work latest week after latest IE security patch !

With latest IE patch , http://user:password@domain.com is [b]no more[/b] allowed .

So , now, I am searching an alternative way to login my users
to http://$user:$password@host/neomail.php

I don't know if exists a php solution . I searched for hours on php documentation (header and authentication) , and asked help in other php forums , but at this time 0 solutions.
Any idea in this forum ?

Thank you.
Last edited by graziano on Tue Feb 15, 2005 2:48 am, edited 1 time in total.
User avatar
cybaf
Forum Commoner
Posts: 89
Joined: Tue Oct 01, 2002 5:28 am
Location: Gothenburg Sweden

Post by cybaf »

if you are using basic authentification, how come that you do not want to use the built in login box that pops up whenever you send a authenticate header?

in any case I suggest that you don't use basic authentification due to the lack in security. The best is to use SSL and a session based authentification system.

//cybaf
Post Reply