partial password protection

sonicfusion

is there any way to the have xxx.php accessible to anyone, but have xxx.php?something=somethingelse password protected.

preferably i'd like a prompt instead of a form. something similar to htaccess password protection would be perfect. unfortunately i dont think htaccess is possible because headers need to be different or so im told. i've had a good search around not really been able to find a suitable solution :bemused:

thanks in advance 🙂

robtbs

sure... use the header function before any HTML is actually executed to display a HTTP auth box

if($_GET['something'] == 'somethingelse')
{
    if(($_SERVER['PHP_AUTH_USER'] == 'username') && ($_SERVER['PHP_AUTH_PW'] == 'password'))
   {
      echo 'your in';
   }
   else
   {
       header('WWW-Authenticate: basic realm="abcde"');
   }
}

//edit
its not the most secure method of password protection.. but it can be fine for basic things.
if your looking for something more substantial you need to create a session based auth system using database etc.

Hope this helps you

sonicfusion

exactly what i was looking for 🙂

dunno why i didnt think of that myself now...oh well haha

thanks alot this is perfect😃