Posted by Jerry Stuckle on 08/24/07 00:04

Álvaro G. Vicario wrote:
> rogerjames1@googlemail.com escribió:
>> Was going to use .htaccess but I'd require a better user management
>> with MySQL database, registeration page, admin page, forgot password
>> feature.
>>
>> Would coding a script that runs every minute and dumps user/pass to
>> a .htpasswd file be too taxing on a high traffic site?
>
> There're several modules that provide HTTP authentication in Apache. I'm
> not sure of which ones are usually available in hosting services but
> I've used mod_auth_mysql for several years and it works fine:
>
> http://modauthmysql.sourceforge.net/
>
> However, you must be aware that you won't be able to use a custom login
> form if you use HTTP authentication. Even if you validate an user using
> a form, the browser won't know about it and will open its own prompt and
> ask for credentials. I've never found an acceptable workaround.
>
>
>

There isn't. HTTP authentication comes into play before any calls to
the files themselves. Unfortunately, there's no way to tell the browser
what to send for authentication credentials except through the HTTP
authentication mechanism (i.e. no PHP or Javascript code can force it).



--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
mod_auth_mysql developer/administrator
==================

[Back to original message]