--- "news.php.net" <[EMAIL PROTECTED]> wrote: > I have a web page I wish to restrict access. I prefer to use the > standard apache httpd authentication with .htaccess and password > file. This method does not seem to work with PHP.
This method is independent of the type of resource being used, so it works fine with PHP. > A "parser" is called every time a page is accessed. If no page is > defined, the home page is loaded. Subsequent pages are linked with > URLs like "http://mysite.com/?page=nextpage.php";. In the parser I > define a "base_dir" variable that allows access to a common set of > code files regardless of where the page file is. Please read this: http://dictionary.reference.com/search?q=parser I think I understand what you mean, but an improper use of terms can cause confusion. > So the restricted page is in a subdirectory with a .htaccess file to > indicate that a name/password is required. This is ignored, > presumably because the file is include()'d. That's right. The .htaccess is for Apache. If this resource is served directly (e.g., the URL references it instead of your "parser"), Apache will require the proper username/password. > Is there a way to use a parser as above and still have httpd > recognize the need for a name/password? I'm sure there are many ways. You could check for the .htaccess yourself before including the file, and require HTTP authentication where appropriate. What you can't do, however, is presume that you can write a script that handles requests instead of Apache and magically have your code do everything Apache does. Hope that helps. Chris ===== My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
