How can you do apache authentication from php

dave5398

Hi,

I'm sure this must be an old issue but a lot of googling has so far not provided the answer.

I have a site which uses a MySQL database user table for user login and authentication. However, I should also like to protect some files using HTTP basic authentication.

Ideally I would have just a single apache user (ie entry in the htpasswd file) and when the user logs on using my php script I also set their apache authentication status at the same time - otherwise they have to log in twice - once to my site and again when they try to access a file in a protected directory.

Problem: assuming the apache user is "auser" with password "abcd" how can I do the login from my php script. It's going to be something to do with setting apache environment variables and/or cookies I guess but can someone provide me the details?

Thanks,

Dave

devinemke

from the manual on predefined $_SERVER variables

'PHP_AUTH_USER'
When running under Apache or IIS (ISAPI on PHP 5) as module doing HTTP authentication this variable is set to the username provided by the user.

'PHP_AUTH_PW'
When running under Apache or IIS (ISAPI on PHP 5) as module doing HTTP authentication this variable is set to the password provided by the user.

if you are running PHP as an apache module you can access these. if you are running as a CGI process then you cannot.

dave5398

For information I solved this a different way and this is in case anyone is interested.
What I wanted to do was to have files accessible only to members (of my sports club). An easy way to protect files is with HTTP basic authentication the problem then is you need to authenticate yourself with that as well as your site logon - very boring.

The solution I thought is to "fix" authentication on the client somehow - but I did not know how to do this and the solution suggested using $_SERVER variables did not work.

The solution I found is to recognise something I did not realise, namely that Apache protected files can still be read using fread and even included using include in php scripts. Problem solved - instead of directing the browser to the file, I just read it and echo it out.

Very handy to know I think.

Dave