I need urgent help with my password protected folder.
My folder hierarchy looks like this when I am finished:
myInternet
login.php
login.htm
myFolder1
myFolder2
myLogin
.htaccess
.htpasswd
start01.htm
start02.htm
myFolder3
The file login.htm contains the form for entering username and password. If executed, login.php is called, comparing the encrypted password with the entered password. Until here, everything works fine.
When the password is correct, start01.htm shall be loaded in an iFrame and - preferably - start02.htm shall be loaded simultaneously into another iFrame. Thus, i entered a simple piece of code into the login.php script:
if (! $auth ) {
include("failure.htm"); // in case password is false
} else {
include("myLogin/start01.htm");
}
}
To upload start02.htm I entered following code into start01.htm (as an onLoad command):
<script language="javaScript">
<!--
function change() {
parent.show.location="myLogin/start02.htm";
}
//-->
</script>
Whereas "show" is the name of the iFrame.
For testing issues I even entered a regular hyperlink (<a href="start02.htm" target="show">test </a>) into start01.htm to confer with start02.htm directly. Neither works.
THE PROBLEM
When I enter username+password start01.htm is loaded correctly into my first iFrame. The onLoad command for start02.htm is performed, but shows a "404 page not found" error.
Funnily though, it seems like each version, the hyperlink and the onLoad option load start02.htm from a layer above, thus ignoring the fact that it is in the myLogin folder. The link displayed in the window is .../myInternet/start02.htm where it needs to be .../myInternet/myLogin/start02.htm.
The next thing is that when I explicitely command him to load the file from folder myLogin, I am asked again for username+password although I just entered both into my own interface.
WHERE I WANNA GET:
I intend to add to the myLogin folder several other folders like this:
myLogin
.htaccess
.htpasswd
start01.htm
start02.htm
myPrivateStuff1
myPrivateStuff2
myPrivateStuff1
start01 shall be the display, start02 the navigation options. The navigation shall ask for files in the myPrivateStuff folders.
I would prefer these files to be .htm files, instead of .php.
THE QUESTIONS
I understood that by adding .htaccess and .htpasswd to the myLogin folder, all files and folders in myLogin are password protected. Is this correct?
In case I upload a file into my internet site, do I have to enter for each site password+username and check for the validity?
What possibilities do I have, working with .htm files within this folder structure to not enter each time password+username anew? Has someone ideas how to achieve that?
How can I save for the complete session (while I am working within this folders) my password+username? Do I have to work with cookies in order to do so or are there other possibilities?
I am very grateful for any help you might supply.
