problems during authorization

Anon

I've got a directory on a site which is supposed to be password protected. I don't so much care about graphics and whatnot, as the files therein allow the administrators to add items to various databases (news, personal profile, etc.). So I used the standard PHP code for HTTP Authorization.

Now, we switched webhosts recently, and things are working differently. The code I had threw up 500 Internal Errors. I circumvented that by changing Header("HTTP/1.0 401 Unauthorized") to Header("Status: 401 Unauthorized"). The authorization prompt now pops up.

However, no matter what is typed into the Username or Password fields, it doesn't seem to work. It just brings the prompt back up as if the wrong name/pass were entered.

Anyone have a potential solution for me?
I am using winNT 4.0 with SP 6.0, apache 1.3.20, php 4.0.6 as external cgi

zortness

I would skip using php and just do it with apache's .htaccess functions...

create a file called .htaccess with the following text:

AuthUserFile "/absolute/directory/.htpasswd"
AuthGroupFile /dev/null
AuthName "Mail List Administration"
AuthType Basic
<Limit GET>
require valid-user
</Limit>

Then I'm pretty sure linux has a htpasswd command code, where you can add users into a file and it md5 encodes their passwords. I haven't used it in a while, so I'm a little rusty. You might have to go through and set up Apache to accept the .htaccess file parameters for the directory, but its not hard and I'm sure you can find more documentation on this somewhere. Anyway, justa suggestion.