How to redirect users to specific sub-folder depending on user

Question

I'm working on a webpage that displays files in a folder. I got this webpage from open source website "css-tricks". I want to create a way that depending on the user that signs will get re-directed to a folder that is specified for them only. I was able to create a .htaccess that makes the user sign-in and a .htpasswd that has the login credentials.

For example,

There are 3 users (user1,user2,user3) and 3 folders with an index.php in each folder (folder1,folder2,folder3).

When "user1" signs in they get redirected to "folder1", if "user2" signs in they get redirected to "folder2" or "folder3" whatever I want them to be redirect too.

Would this be possible to do with the .htaccess file or like a php file?

NOTE: PHP, .htaccess coding knowledge LIMITED! :(

I hope someone could help me out or maybe point me in the right direction, if you need any extra information let me know! Thanks!

below is my index.php

<!doctype html>
<html>
<head>
   <meta charset="UTF-8">
   <link rel="shortcut icon" href="./.favicon.ico">
   <title>Invoices</title>

   <link rel="stylesheet" href="./.style.css">
   <script src="./.sorttable.js"></script>
</head>

<body>
<div id="container">
	<h1>Directory Contents</h1>

	<table class="sortable">
	    <thead>
		<tr>
			<th>Filename</th>
			<th>Type</th>
			<th>Size</th>
			<th>Date Modified</th>
		</tr>
	    </thead>
	    <tbody><?php

	// Adds pretty filesizes
	function pretty_filesize($file) {
		$size=filesize($file);
		if($size<1024){$size=$size." Bytes";}
		elseif(($size<1048576)&&($size>1023)){$size=round($size/1024, 1)." KB";}
		elseif(($size<1073741824)&&($size>1048575)){$size=round($size/1048576, 1)." MB";}
		else{$size=round($size/1073741824, 1)." GB";}
		return $size;
	}

 	// Checks to see if veiwing hidden files is enabled
	if($_SERVER['QUERY_STRING']=="hidden")
	{$hide="";
	 $ahref="./";
	 $atext="Hide";}
	else
	{$hide=".";
	 $ahref="./?hidden";
	 $atext="Show";}

	 // Opens directory
	 $myDirectory=opendir(".");

	// Gets each entry
	while($entryName=readdir($myDirectory)) {
	   $dirArray[]=$entryName;
	}

	// Closes directory
	closedir($myDirectory);

	// Counts elements in array
	$indexCount=count($dirArray);

	// Sorts files
	sort($dirArray);

	// Loops through the array of files
	for($index=0; $index < $indexCount; $index++) {

	// Decides if hidden files should be displayed, based on query above.
	    if(substr("$dirArray[$index]", 0, 1)!=$hide) {

	// Resets Variables
		$favicon="";
		$class="file";

	// Gets File Names
		$name=$dirArray[$index];
		$namehref=$dirArray[$index];

	// Gets Date Modified
		$modtime=date("M j Y g:i A", filemtime($dirArray[$index]));
		$timekey=date("YmdHis", filemtime($dirArray[$index]));


	// Separates directories, and performs operations on those directories
		if(is_dir($dirArray[$index]))
		{
				$extn="&lt;Directory&gt;";
				$size="&lt;Directory&gt;";
				$sizekey="0";
				$class="dir";

			// Gets favicon.ico, and displays it, only if it exists.
				if(file_exists("$namehref/favicon.ico"))
					{
						$favicon=" style='background-image:url($namehref/favicon.ico);'";
						$extn="&lt;Website&gt;";
					}

			// Cleans up . and .. directories
				if($name=="."){$name=". (Current Directory)"; $extn="&lt;System Dir&gt;"; $favicon=" style='background-image:url($namehref/.favicon.ico);'";}
				if($name==".."){$name=".. (Parent Directory)"; $extn="&lt;System Dir&gt;";}
		}

	// File-only operations
		else{
			// Gets file extension
			$extn=pathinfo($dirArray[$index], PATHINFO_EXTENSION);

			// Prettifies file type
			switch ($extn){
				case "png": $extn="PNG Image"; break;
				case "jpg": $extn="JPEG Image"; break;
				case "jpeg": $extn="JPEG Image"; break;
				case "svg": $extn="SVG Image"; break;
				case "gif": $extn="GIF Image"; break;
				case "ico": $extn="Windows Icon"; break;

				case "txt": $extn="Text File"; break;
				case "log": $extn="Log File"; break;
				case "htm": $extn="HTML File"; break;
				case "html": $extn="HTML File"; break;
				case "xhtml": $extn="HTML File"; break;
				case "shtml": $extn="HTML File"; break;
				case "php": $extn="PHP Script"; break;
				case "js": $extn="Javascript File"; break;
				case "css": $extn="Stylesheet"; break;

				case "pdf": $extn="PDF Document"; break;
				case "xls": $extn="Spreadsheet"; break;
				case "xlsx": $extn="Spreadsheet"; break;
				case "doc": $extn="Microsoft Word Document"; break;
				case "docx": $extn="Microsoft Word Document"; break;

				case "zip": $extn="ZIP Archive"; break;
				case "htaccess": $extn="Apache Config File"; break;
				//case "exe": $extn="Windows Executable"; break;

				default: if($extn!=""){$extn=strtoupper($extn)." File";} else{$extn="Unknown";} break;
			}

			// Gets and cleans up file size
				$size=pretty_filesize($dirArray[$index]);
				$sizekey=filesize($dirArray[$index]);
		}

	// Output
	 echo("
		<tr class='$class'>
			<td><a href='./$namehref'$favicon class='name'>$name</a></td>
			<td><a href='./$namehref'>$extn</a></td>
			<td sorttable_customkey='$sizekey'><a href='./$namehref'>$size</a></td>
			<td sorttable_customkey='$timekey'><a href='./$namehref'>$modtime</a></td>
		</tr>");
	   }
	}
	?>

	    </tbody>
	</table>

	<!--<h2><?php //echo("<a href='$ahref'>$atext hidden files</a>"); ?></h2>-->
</div>
</body>
</html>

below is my htaccess

ErrorDocument 400 /.error.php
ErrorDocument 401 /.error.php
ErrorDocument 403 /.error.php
ErrorDocument 404 /.error.php
ErrorDocument 405 /.error.php
ErrorDocument 408 /.error.php
ErrorDocument 414 /.error.php
ErrorDocument 500 /.error.php
ErrorDocument 502 /.error.php
ErrorDocument 504 /.error.php
AuthType Basic
AuthName "My Protected Area"
AuthUserFile C:\\wamp64\\www\\Custom\\DisplayDirectoryContents/.htpasswd
Require valid-user
DirectoryIndex index.htm index.html index.shtml index.php default.php .index.php

below is my .htpasswd

UserNanme:EncryptedPassword

and below is my .error.php

<?php

$status=$_SERVER['REDIRECT_STATUS'];
$codes=array(
       400 => array('400 Bad Request', 'The request cannot be fulfilled due to bad syntax.'),
       401 => array('401 Login Error', 'It appears that the password and/or user-name you entered was incorrect. <a href="#" onclick="window.location.reload()">Click here</a> to return to the login page.'),
       403 => array('403 Forbidden', 'The server has refused to fulfill your request.'),
       404 => array('404 Not Found', 'Whoops, sorry, but the document you requested was not found on this server.'),
       405 => array('405 Method Not Allowed', 'The method specified in the Request-Line is not allowed for the specified resource.'),
       408 => array('408 Request Timeout', 'Your browser failed to send a request in the time allowed by the server.'),
       414 => array('414 URL To Long', 'The URL you entered is longer than the maximum length.'),
       500 => array('500 Internal Server Error', 'The request was unsuccessful due to an unexpected condition encountered by the server.'),
       502 => array('502 Bad Gateway', 'The server received an invalid response from the upstream server while trying to fulfill the request.'),
       504 => array('504 Gateway Timeout', 'The upstream server failed to send a request in the time allowed by the server.'),
);
 
$errortitle = $codes[$status][0];
$message = $codes[$status][1];

?>

<!doctype html>
<html>
<head>
	<title>That's an Error!</title>
	<style>
	  html 
	{color:#333;
	 font-family: "Lucida Console", Courier, monospace;
	 font-size:14px;
	 background:#eeeeee;}
 
	.content
	{margin:0 auto;
	 width:1000px;
	 margin-top:20px;
	 padding:10px 0 10px 0;
	 border:1px solid #EEE;
     background: none repeat scroll 0 0 white;
     box-shadow: 0 5px 10px -5px rgba(0, 0, 0, 0.5);
     position: relative;
}

	h1
		{font-size:18px;
		 text-align:center;}

	h1.title 
		{color:red;}
	
	h2
		{font-size:16px;
		 text-align:center;}
	
	p 
		{text-align:center;}

	hr
		{border:#fe4902 solid 1px;}

	</style>
</head>

<body>

	<div class="content">
	<h1>Sorry, but that's an error!</h1>
	<h1 class="title"><?php echo $errortitle; ?></h1>
	<hr>
	<p><?php echo $message;?></p>
	</div>

</body>
</html>

Answer 1

Ok, so I made a quick mock with the code from the PHP manual for you. I also tested it and does exactly what you want.

Please make sure the "username" folder is created before hand, in my example I have: 'Norbert1','Norbert2','Norbert3' that means there must be a folder named 'Norbert1','Norbert2','Norbert3'.

<?php
ob_start();

$realm = 'Restricted area';

$users = [
        'Norbert1' => '123456', 
        'Norbert2' => '123456',
        'Norbert3' => '123456'
];


if (empty($_SERVER['PHP_AUTH_DIGEST'])) {
    header('HTTP/1.1 401 Unauthorized');
    header('WWW-Authenticate: Digest realm="'.$realm. '",qop="auth",nonce="'.uniqid().'",opaque="'.md5($realm).'"');
    die('This website requires authorization');
}


// analyze the PHP_AUTH_DIGEST variable
if (!($data = http_digest_parse($_SERVER['PHP_AUTH_DIGEST'])) || !isset($users[$data['username']]))
{
    header('HTTP/1.1 401 Unauthorized');
    die('Invalid Credentials or no such user exists!');
}

    // generate the valid response
    $A1 = md5($data['username'] . ':' . $realm . ':' . $users[$data['username']]);
    $A2 = md5($_SERVER['REQUEST_METHOD'].':'.$data['uri']);
    $valid_response = md5($A1.':'.$data['nonce'].':'.$data['nc'].':'.$data['cnonce'].':'.$data['qop'].':'.$A2);

    if ($data['response'] != $valid_response)
    {
        header('HTTP/1.1 401 Unauthorized');
        die('Invalid Credentials or no such user exists!');
    }
        // ok, valid username & password
        echo 'You are logged in as: ' . $data['username'] . PHP_EOL;

        header("Location: /". $data['username']."/");

        // function to parse the http auth header
        function http_digest_parse($txt)
        {
            // protect against missing data
            $needed_parts = array('nonce'=>1, 'nc'=>1, 'cnonce'=>1, 'qop'=>1, 'username'=>1, 'uri'=>1, 'response'=>1);
            $data = array();
            $keys = implode('|', array_keys($needed_parts));

            preg_match_all('@(' . $keys . ')=(?:([\'"])([^\2]+?)\2|([^\s,]+))@', $txt, $matches, PREG_SET_ORDER);

            foreach ($matches as $m) {
                $data[$m[1]] = $m[3] ? $m[3] : $m[4];
                unset($needed_parts[$m[1]]);
            }

            return $needed_parts ? false : $data;
    }
?>

The rest is pretty self explanatory, good luck with your adventure!