htaccess security in PHP

Anon

Ok .htaccess can secure all files below itself in the file structure no matter what extension they have. but when you try to imitate the headers etc. in php to get the same effect. it only secures php files.
also php can auto_prepend scripts ONLY to php files as well.

Is there not someway in php that you can replace the .htaccess pop up box with a nicer looking web form BUT still keep the same level of securing all file types ?

even if the web form automatically fills in the ugly popupbox and submits it for you. as you would only then need to see it for a few seconds at most.

Any1 any ideas ?

Anon

Hello,

Well if you need to have access to say a .exe file in a dir that you want .htaccess using php i would just make a wrapper for file download.. something simple like:

//do php header htaccess stuff

echo fread($filename);

Anon

I think he's talking about using PHP to do apache level .htaccess authentication. I'm trying to figure out how to do the same thing; here's why:

I would like to control access to ANY file in a directory tree. Normally, I would create an .htaccess file for the root directory I want to protect and add users to that list using htpasswd, but I already have a user login database and authentication module I have written with PHP with existing users and would like to be able to use those username/passwords for complete directory access to certain directories using the same security as .htaccess. Can I do this with PHP somehow?

I've thought of having a script that populates the .htaccess file for that directory structures with users who are permitted then use the environment variables to preset the user to the currently logged in user. Haven't tried anything yet... =)