You have one alternative called .htaccess. It's a file that you put in the directory you want to protect. It is not php, but it works. You can also use it to protect single files. It requires 3 things:
o The file .htaccess. Is to but placed in the dir you want to protect.
Configured like this:
AuthName "The-name-of-your-site"
AuthType Basic
AuthUserFile /www/htdocs/.htpasswd
require valid-user
- AuthName: Is the name of the site/realm. Just put in pure text, it's only displayed, not used in any other way.
- AuthType: Not really sure if there are any other types. Basic works...
- AuthUserFile: The path to the file you put your users and passwords in. Described later.
- require: valid-user work as a popup, and prompts the user to type username and password. Will be authenticated in the .htpasswd.
o The password file .htpasswd
Contains the usernames and passwords allowed access for the particular dir.
The syntax of the lines is:
"username:password"
Every user has its own line in the file, and the password have to be encrypted with the php function crypt(). Also known as the function that encrypts passwords in Linux.
o Your apache configuration
You will have to change the line:
<Directory "/dir/to/your/www/">
AllowOverride None
</Directory>
to:
<Directory "/dir/to/your/www/">
AllowOverride AuthConfig
</Directory>
This should do the trick...
