Authentication

kirstytrigg

I need to be able to use authentication that will work with IIS, so that someone logged into a website will be able to view files, but anyone who isn't, won't.

Is there some way I can get PHP to work with windows authentication, is HTTP authentication the way to go, or do I need to do something else?

devinemke

if it's something as simple as keeping certain senistive files in a specific directory and just password protecting access to that directory then i would go with HTTP authentication. in Apache one would use an htaccess file. i assume that there is something analogous to that with IIS (i wouldn't know as i don't use IIS).

kirstytrigg

I'm sorry, I should have explained more clearly.

I am trying to refer to a directory that is password protected from one that is not.

The user will already have authenticated against a mysql database.

My problem is not one of authentication per se, but one of needing to be able to view straight html files, pointed at from a php page.

The php pages already perform all necessary authentication, for the php site.

However the problem is to the php script users to be authenticated without entering their login details a second time (i.e no dialog to be popped up).

I hope that makes a bit more sense. Unfortunately I have not found a way to pass the necessary parameters around so that I can provide authentication in this way.

devinemke

kirstytrigg wrote:
My problem is not one of authentication per se, but one of needing to be able to view straight html files, pointed at from a php page.

how exactly are you "pointing" at them? if you have certain HTML documents that only certain people should see and you already have your PHP/mySQL authentication system in place, then i suggest that you simply store the sensitive HTML docs outside of your server's document root and simply [man]include[/man] them from within your authenticated PHP script...or perhaps i'm still not undertstanding you.

kirstytrigg

Thanks for the suggestion.

The files are being "pointed at" by means of an IFrame, which loads them.

I just tried a straightforward "include", but there are lots of files associated with the raw html. Just "include" doesn't load those files in, hence I have lots of missing pictures and functionality.