.htpasswd

alanb

Am I right in assuming that when you login to a password protected directory using the .htpasswd setting that a session cookie of some sort must be created by the browser?

I say this because if I leave the browser open and go to another site then come back to the password protected dircectory it does not ask me to log in again. Therefore I assume something has been downloaded to my system to allow me continued access. Only when I close the browser do I have to log in again.

If this is the case - is there anyway that I can pick up the stored information and reuse it in a script for other logging processes?

Many thanks

Alan

cyclops

actually, the browser caches (remembers) the supplied username and password in memory.

if not on https the browser will send U&P to the server 'as-is' (i.e. not encrypted) every time it is 'challenged' by the protected directory

you can retrieve the username by fetching $_SERVER["REMOTE_USER"]