Reputation: 12534
Using php or javascript to log a user into a directory protected with Apache Basic Authentication (htaccess/htpasswd)
Is it possible to use PHP or Javascript to login to a directory protected with Apache Basic Authentication?
A simple example:
- I have a directory called 'protected' (ie. http://myurl/protected) that uses apache basic authentication
- I have a form located at http://myurl/login.php with a username and password field
- When a user enters their username/password into login.php and hits submit, either php or javascript automatically logs the user into the protected area and redirects them.
- When the user is redirected, they do not have to re-enter their username/password information, and they have full access to the information in the protected directory.
Is this possible? If so, how can I achieve this?
Update: Do to my client's implementation requirements, I can not use a php based authentication system. It needs to be apache authentication.
Upvotes: 4
Views: 2100
Answers (2)
Reputation: 2534
It is possible to use
header("Location: http://$username:[email protected]/protected");
Although, I would advise against it, and use a php based authentication mentioned above without the Apache basic authentication.
Upvotes: 2
Reputation: 8700
My understanding about the basic authentication with apache is that it is, by definition, basic. If you are willing to work with php and mysql, you can build a simple login system that would suit your needs. Just check a username and password against its counterparts in a mysql database (of course hash the password with md5, or sha256), and if it is correct, set a session variable saying so. Check that variable on each page that needs authentication, and redirect if it isn't set/set to false.
Here is a good example: http://progtuts.info/92/login-system/
Upvotes: 0