Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

.htaccess/.htpasswd a file not a directory..

Status
Not open for further replies.

tijerina

Vendor
Mar 4, 2003
132
US
Is there a way for me to password protect a php file rather than the entire directory?

I have posted this question in the php forum but no reply as of yet. Please forgive the multiple posts of this question.

I have a php calendar that allows people to schedule appointments. And once they schedule it, there first name will appear on that specific date and time they choose. But the name that is on the calendar is in the date box and is a link. The link is a "viewdetails.php" file. How do I protect this "viewdetails.php" file only.

In more detail:

So if somebody went to my site and wanted to schedule a service, they could see a persons first name and know that the time slot is booked, but if they clicked on that first name (which is a link to "viewdetails.php", they (the user)could see details (details that include phone number and all of the customers info) . This I want to avoid.. I just want admin people to view the details. So when the user tries to click on the person name in the calendar, it will come back with a .htaccess/.htpasswd method.

Or is there another secure method I could use to secure the "viewdetails.php" file?

What can I do?

Thanks..
 

I am just learning php, however from what I read you need to create a directory, use .htaccess to protect that directory, then put your .php file in that protected directory.
 
Thanks,

This is what I have in my ./htaccess file to protect the "viewEvent.php" file.. I do have it in the dir that has the "viewEvent.php" file. Does anybody see anything wrong with what is inside of the .htaccess file? It isn't working. I have restarted my webserver everytime I made a change...

-----.htaccess. code snipit--------------

AuthType Basic
AuthName "Password Required"
AuthUserFile /home/virtual/site1/fst/var/AccessFileName .viewEvent.php
<Directory />
AllowOverride None
</Directory>
Require valid-user

-----End of .htaccess code snipit---------
 
Thanks anyway, I have the fix...

Here it is!!!

Place this code snipit:

<?php
$auth = 0;
if (($_SERVER['PHP_AUTH_USER']) && ($_SERVER['PHP_AUTH_PW'])) $auth = 1;
if ( $auth != 1 ) {
header( " Basic realm=Authorization Required!" );
header( "HTTP/1.0 401 Unauthorized" );
echo 'Authorization Required!';
exit;
}
?>

Place this snipit of code in the file you want to protect, above the <html> tag, basically at the very, very top, above anything else.

This should work..
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top