using htaccess and php for members login

Status
Not open for further replies.

tippytarka

Programmer
Jul 19, 2004
115
GB
I'm designing a site with a members login and I've been reading up on using .htaccess to secure directories and content. So here's my question...

I've already coded the script for the login, where my usernames and passwords are stored in a MySQL database. Here's the script...

Code:
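<?php

// Read the submitted credentials; the password is hashed with SHA-1
// to match the value stored in the users table.
$user = $_POST["userid"];
$pass = sha1($_POST["password"]);

// connect.php opens the MySQL connection used by the calls below.
include("connect.php");

$query = "
		SELECT *
		FROM users
		WHERE username = '".mysql_real_escape_string(trim($user))."'
		AND PASSWORD = '".mysql_real_escape_string(trim($pass))."'";

$result = mysql_query($query);

// A matching row means the username/password pair is valid.
if ($result && mysql_fetch_row($result)) {
	session_start();
	header("Cache-control: private");
	$_SESSION["access"] = "granted";
	$_SESSION["userid"] = $user; // remember who logged in
	$url_success = "../secure/secure.php";
	echo("<meta http-equiv = refresh content=0;url=".$url_success.">");
	exit;
} else {
	// No match (or the query failed): send the visitor back to the login page.
	$url_failure = "../entrance.php";
	echo("<meta http-equiv = refresh content=0;url=".$url_failure.">");
}

?>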


Then, after creating the script, I'd thought about protecting the directories that I want to be accessed by members only, which led me to read up on .htaccess files. But how do I make the .htaccess file look for the passwords in the MySQL database?

Do I use a PHP include path in the .htaccess file (and the PHP include connects and queries the database)? Can someone explain and point me in the right direction on what to do?

Cheers!
 
Get & install mod_auth_mysql. I'm pretty sure it's part of standard RH distributions, or Google for it.

Activate it in an httpd conf file with
LoadModule mysql_auth_module modules/mod_auth_mysql.so

The .htaccess looks something like this:
AuthName "My Private Stuff"
AuthType Basic
AuthMySQLEnable on
AuthMySQLUser userid
AuthMySQLPassword password
AuthMySQLDB user_database
AuthMySQLUserTable user_table
AuthMySQLNameField user_field
AuthMySQLPasswordField password_field
AuthMySQLPwEncryption md5 (or what you use)
require valid-user

There's also mod_authz_mysql, which might work better for you.
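
A hardened form of the login check from the first post, as an added example that is not code from either poster: it binds the username as a query parameter, swaps the unsalted sha1() comparison for password_hash()/password_verify(), and adds the session check that pages under ../secure/ need when the PHP session route is used rather than mod_auth_mysql. The function names check_login and has_access, the in-memory SQLite table standing in for the MySQL users table, and the sample account are assumptions made for the example.

```php
<?php
// Added example: constructed data; in-memory SQLite stands in for the MySQL users table.

// Look up the user with a bound parameter and verify a salted hash.
function check_login(PDO $db, string $user, string $pass): bool
{
    $stmt = $db->prepare('SELECT password FROM users WHERE username = ?');
    $stmt->execute([trim($user)]);
    $hash = $stmt->fetchColumn(); // false when no such user
    // password_verify() checks the password against a password_hash() value.
    return is_string($hash) && password_verify($pass, $hash);
}

// Guard for pages under ../secure/: true only for a session the login page marked.
function has_access(array $session): bool
{
    return ($session['access'] ?? '') === 'granted';
}

// Constructed sample table with one member (hypothetical account).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (username TEXT PRIMARY KEY, password TEXT)');
$db->prepare('INSERT INTO users VALUES (?, ?)')
   ->execute(['alice', password_hash('correct horse', PASSWORD_DEFAULT)]);

// Constructed requests: a valid login, a wrong password, and a username
// containing a quote, which the bound parameter treats as plain data.
$session = [];
$attempts = [['alice', 'correct horse'], ['alice', 'wrong'], ["o'brien", 'x']];
foreach ($attempts as [$u, $p]) {
    $ok = check_login($db, $u, $p);
    if ($ok) {
        // On the real login page: session_start(); session_regenerate_id(true);
        // then store the same two keys in $_SESSION.
        $session = ['access' => 'granted', 'userid' => $u];
    }
    printf("%-10s %s\n", $u, $ok ? 'granted' : 'denied');
}

// Each protected page runs this check and redirects to ../entrance.php on false.
var_dump(has_access($session)); // session marked by the successful login
var_dump(has_access([]));       // visitor who never logged in
```

With this approach every file under the protected directory has to call the guard itself; files PHP does not serve (images, downloads) are not covered by it, which is the gap the .htaccess route in the reply closes.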
 