By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
434,796 Members | 1,240 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 434,796 IT Pros & Developers. It's quick & easy.

PHP-.htaccess-CGI

P: n/a
Hi all,

I created a set of pages with PHP for login using a database. Now, I
need to
link to a lot of CGI programs in a folder with protected-access
(.htaccess). The
username and password are the same as the ones people use to login
with. Is there a way to use the session usrname/password for the HTTP
authentication to that folder ?? If I remove the .htaccess for that
particular folder, then all those files will have access without any
kind of authentication.

I tried username:pa******@www.example.com . But this doesnt work with
IE 6. So I need something else.

Jul 17 '05 #1
Share this Question
Share on Google+
4 Replies


P: n/a
Or is there any server/env /session variable that can be checked in the
beginning of these CGI programs or redirect to login page. This way I
can add a line in all those cgi programs to check whether a variable is
set or not. And remove the .htaccess file.

Jul 17 '05 #2

P: n/a
Can I set $_ENV['REMOTE_USER'] to some value ?? Or it can only b set
by apache ??

My plan is to set $_ENV['REMOTE_USER'] to username when user logs in
and in the cgi script, check if $_ENV['REMOTE_USER'] is defined.

Jul 17 '05 #3

P: n/a
>Can I set $_ENV['REMOTE_USER'] to some value ?? Or it can only b set
by apache ??


Don't expect such a change to last longer than a single page run,
if it works at all. You probably want to look at $_SESSION[] and
sessions.

Gordon L. Burditt
Jul 17 '05 #4

P: n/a
*** psk79 wrote/escribió (28 Apr 2005 11:20:29 -0700):
I created a set of pages with PHP for login using a database. Now, I
need to
link to a lot of CGI programs in a folder with protected-access
(.htaccess). The
username and password are the same as the ones people use to login
with. Is there a way to use the session usrname/password for the HTTP
authentication to that folder ?? If I remove the .htaccess for that
particular folder, then all those files will have access without any
kind of authentication.
I've not really understood what you're trying to accomplish. With Apache
you can password protect CGI files the very same way you protect any other
type of resource: copy your .htaccess file to your cgi-bin folder or any
parent folder.

Maybe you want to write a CGI script that makes use of HTTP authentication.
There must probably be some pre-written libraries out there; the method
itself is not hard to implement, but you need to find and read the RFC
document (you must send an specific HTTP header with auth info). You can
also connect with a browser and sniff the header sent by it. The
LiveHTTPHeaders extension for Mozilla/Firefox makes so very easy.

I tried username:pa******@www.example.com . But this doesnt work with
IE 6. So I need something else.


All modern browsers allow you to store passwords, you don't need to add it
to bookmarks, if that's what you mean.
--
-- Álvaro G. Vicario - Burgos, Spain
-- http://bits.demogracia.com - Mi sitio sobre programación web
-- Don't e-mail me your questions, post them to the group
--
Jul 17 '05 #5

This discussion thread is closed

Replies have been disabled for this discussion.