Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Clarification on .htaccess

Status
Not open for further replies.
gbraden

gbraden

MIS
Jan 24, 2002
129
US
Website access. I have a customer who wants to have part of his website opened only to registered users. I see a lot of websites doing this, but I am wondering if this is more than simply setting up .htaccess. We will be using Apache 1.3 on a Linux machine with PHP and MySQL.

Thanks in advance





[noevil]
Glen Braden
 
Sort by date Sort by votes
Hi

Glen said:
I see a lot of websites doing this, but I am wondering if this is more than simply setting up .htaccess.
Click to expand...
Well, depends on what kind of authentication you want. For HTTP Authentication, both Basic and Digest, is enough .htaccess and the password file.

But I am not sure if that is what your customer is thinking to.

Feherke.
 
Upvote 0 Downvote
I reworded the question and posted over at PHP. There is a method called Sessions that restrict access if you cannot provide login/password.

I was looking for a way that a registered user could access more content than one who is not registered. Similar to websites that allow you to read part of an article, but only makes the entire article available to registered users.



[noevil]
Glen Braden
 
Upvote 0 Downvote
Ill tell you what, I have a Visual Quick Start guide for PHP and it has lots of examples, including a user authetication system.

However, my main script language is perl... I do all the coding, and store all important info like passwords in a text file. I then secure just the text file with .htaccess... Everything else that needs securing I do with hidden fields, to consistantly check that the username and password they user logged in with is correct, every time they load a page.
 
Upvote 0 Downvote
Well, no hehe. When the user logs in the first time, when they click login, a hidden field carries the username and password, so once in the admin area, if they click on another button i check if the username and password carried by the hidden field is the same as in the file storing it. This method I devised myself, because I couldn't find anything at the time which told me how to write a proper user login system
 
Upvote 0 Downvote
They aren't even encrypted. I don't get why they need to be??? The correct username and password is stored in a text file which is highly secured using htaccess, no one can view the correct username an dpassword
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Krus1972
  • Locked
  • Question
Rewrite Rule for .htaccess Help
Replies
0
Views
167
Krus1972
Krus1972
bhuv560
  • Locked
  • Question
Postfix Installation on EC2 AWS Linux
Replies
0
Views
103
bhuv560
bhuv560
gregor weertman
  • Locked
  • Question
set samba "template shell" dependent on group
Replies
0
Views
94
gregor weertman
gregor weertman
lslamp
  • Locked
  • Question
Bash Onliner ... 1
Replies
2
Views
186
lslamp
lslamp
daniel.warner
  • Locked
  • Question
Desperately need help setting up wildcard certs on Apache/Tomcat
Replies
2
Views
175
daniel.warner
daniel.warner

Part and Inventory Search

Sponsor

Back
Top