Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

.htaccess/.htpasswd a file not a directory..

Status
Not open for further replies.
tijerina

tijerina

Vendor
Mar 4, 2003
132
US
Is there a way for me to password protect a php file rather than the entire directory?

I have posted this question in the php forum but no reply as of yet. Please forgive the multiple posts of this question.

I have a php calendar that allows people to schedule appointments. And once they schedule it, there first name will appear on that specific date and time they choose. But the name that is on the calendar is in the date box and is a link. The link is a "viewdetails.php" file. How do I protect this "viewdetails.php" file only.

In more detail:

So if somebody went to my site and wanted to schedule a service, they could see a persons first name and know that the time slot is booked, but if they clicked on that first name (which is a link to "viewdetails.php", they (the user)could see details (details that include phone number and all of the customers info) . This I want to avoid.. I just want admin people to view the details. So when the user tries to click on the person name in the calendar, it will come back with a .htaccess/.htpasswd method.

Or is there another secure method I could use to secure the "viewdetails.php" file?

What can I do?

Thanks..
 
Sort by date Sort by votes

I am just learning php, however from what I read you need to create a directory, use .htaccess to protect that directory, then put your .php file in that protected directory.
 
Upvote 0 Downvote
Thanks,

This is what I have in my ./htaccess file to protect the "viewEvent.php" file.. I do have it in the dir that has the "viewEvent.php" file. Does anybody see anything wrong with what is inside of the .htaccess file? It isn't working. I have restarted my webserver everytime I made a change...

-----.htaccess. code snipit--------------

AuthType Basic
AuthName "Password Required"
AuthUserFile /home/virtual/site1/fst/var/AccessFileName .viewEvent.php
<Directory />
AllowOverride None
</Directory>
Require valid-user

-----End of .htaccess code snipit---------
 
Upvote 0 Downvote
Thanks anyway, I have the fix...

Here it is!!!

Place this code snipit:

<?php
$auth = 0;
if (($_SERVER['PHP_AUTH_USER']) && ($_SERVER['PHP_AUTH_PW'])) $auth = 1;
if ( $auth != 1 ) {
header( " Basic realm=Authorization Required!" );
header( "HTTP/1.0 401 Unauthorized" );
echo 'Authorization Required!';
exit;
}
?>

Place this snipit of code in the file you want to protect, above the <html> tag, basically at the very, very top, above anything else.

This should work..
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

grazinggoat2
  • Locked
  • Question
sed regex not working 1
Replies
3
Views
244
feherke
feherke
EdLentz
  • Locked
  • Question
How can I escape $1 and &amp;&amp; in a SED command
Replies
1
Views
201
feherke
feherke
pax94
  • Locked
  • Question
Script automating dynamic queries in a remote host
Replies
0
Views
112
pax94
pax94
tulsantide
  • Locked
  • Question
setenv not found error in cshrc on a solaris 11 machine
Replies
0
Views
107
tulsantide
tulsantide
grazinggoat2
  • Locked
  • Question
ksh script to add multiple lines to csv cell formatting help
Replies
0
Views
136
grazinggoat2
grazinggoat2

Part and Inventory Search

Sponsor

Back
Top