.htaccess php actions

rodin

I have been trying to search for an answer to this, but have been unable to find any results, which tells me that it's probably not possible.

What I am attempting to do is password protect certain functions of a php file using htaccess, or by any other means possible.

I want to password protect test.php?action=killcmd but allow test.php?action=testcmd

is there any simple way to accomplish this? any help is greatly appreciated!

Kudose

If you don't send any headers before you get to killcmd, you can send WWW-Authenticate headers and check the user/pass in the code, or from a file.

I don't think you can use Apache to do this ... I could be wrong though. I haven't gotten my Apache ninja badge yet. 😉

NogDog

If you use HTTP authentication, I think you could do something like:

<?php
if(isset($_GET['action']) and $_GET['action'] == 'killcmd')
{
   if(!isset($_SERVER['PHP_AUTH_USER']))
   {
      header('WWW-Authenticate: Basic realm="My Realm"');
      header('HTTP/1.0 401 Unauthorized');
      echo 'Text to send if user hits Cancel button';
      exit;
   }
}
// rest of script....
?>

More info at: http://www.php.net/manual/sv/features.http-auth.php