Bryan,
A .htaccess file is a Web server configuration file. It cannot know what
sort of PHP code you have in place to authenticate a user. :-)
As has been suggested by someone else, you should place your restricted
files outside of document root. In PHP, it is a simple matter of an
include() to display the file:
include("/path/to/file.inc");
Also, this method keeps you from doing this redirecting you are talking
about. Unnecessary redirections like that double your traffic, which is
not a good idea.
Happy hacking.
Chris
Bryan Koschmann - GKT wrote:
>On Tue, 24 Sep 2002, David Buerer wrote:
>
>|make the directory outside of the web server root path and create some PHP
>|routines to display the directory data as you see fit. PHP can see the
>|entire file store, whereas the webserver can only see data below it's root.
>|That way you keep security and can also display the data.
>
>Isn't there a simple way to use like an htaccess file with this, or
>another php file in that directory that checks to see if you are
>authenticated (and if not sends to the login page)?
>
>Can you give me a quick bit on how to make it not hold authentication
>information after leaving that site?
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
