|
|
Posted by laredotornado@zipmail.com on 10/24/06 00:13
Thanks, Rik. This is the solution I'll pursue. But I have one follow
up question. What does "accesscontrol.php" return upon successful
authentication and upon authentication failure?
- Dave
Rik wrote:
> laredotornado@zipmail.com wrote:
> > I have seen .htaccess files, but how can they be built so that they
> > read from a database of stored username and passwords?
>
> That's not that simple.
> You could make .htpasswd files on the fly, but that's hardly preferable, as
> you'll have to create, maintain and verify the file on every change in
> users.
>
> What I'd do:
> create a .htaccess file:
>
> RewriteCond %{REQUEST_FILENAME} -f
> RewriteCond %{REQUEST_FILENAME} !^accesscontrol.php
> RewriteRule ^(.*?)$ accesscontrol.php?file=$i&%{QUERY_STRING} [NC,L]
>
> And handle authentication in accesscontrol.php, and possibly include the
> requested files, or give a Unauthorised header.
> --
> Grtz,
>
> Rik Wasmus
Navigation:
[Reply to this message]
|