I have a portion of my site protected by a htaccess file.
What I would like to do is log every log in attempt whether it is sucessful or not. The main deatils I would like to find are the person who is attempting to login's username and the password that they are using. This would be then saved to my MySQL server along with some other details such as time and date.
I can do everything so far apart from getting the details the user provided to the htaccess login box. Is it possible to get those details?
Any help would be greatly appreciated.
Security Help (authentication)
Moderator: General Moderators
$_SERVER vars:
Might be useful to log IP as well - although that doesn't always identify a visitor.'PHP_AUTH_USER'
When running under Apache as module doing HTTP authentication this variable is set to the username provided by the user.
'PHP_AUTH_PW'
When running under Apache as module doing HTTP authentication this variable is set to the password provided by the user.
'PHP_AUTH_TYPE'
When running under Apache as module doing HTTP authenticated this variable is set to the authentication type.
Hey, it didn't seem to work. I was pondering this for a while until i realised I was running PHP as a CGI!
Doh, why I set it up like that I don't know but its working fine when I upload the script to my linux server.
Incedentally, how difficult is it to remove PHP as a CGI and install it as a module, and how long would it take
Thanks very much
Incedentally, how difficult is it to remove PHP as a CGI and install it as a module, and how long would it take
Thanks very much