This might be a holy grail of the Apache world, but I was wondering how I might go about authenticating a user AND upon authentication, move that user to his own private directory.
Basically a content management server of sorts.
I can do this (kind of) using htaccess but here's the problem:
1) I don't know where the user wants to go to until he/she logs in.
2) I can't authenticate that user with htaccess until they attempt to go to the protected folder in question!
3) Goto (1).
ONe big vicious cycle.. I'm certain someone has to have had a means of doing this, without having the user login twice, or creating seperate htaccess files for every user directory.
So here's my proposal.
I create one directory that all my user's subdirectories will be under. We'll call it 'users'. I put an htaccess file in that directory with only one privileged 'user' who can access it. That user is defined in the php login script.
So what would happen would be this --
1) User logs in with my little PHP page (we'll call it login.php).
2) login.php checks the login username/password against an SQL db.
3) Upon successful authentication, login.php gets in past the 'users' directory into the specific user's directory using the account name specified in the htaccess file.
Basically, PHP acting as a proxy of sorts for the authenticated user. My only problem of course is step 3. How the hell do you do that?
Or is there an easier way completely?
Thank you in advance..
-chico
