Can PHP exec Apache (.htaccess) user/password authentication?

I have a web site where web pages are set-up for clients to be able to
download project files. I'm doing this now with .htaccess and each user
has their own directory. So the user is given their user name/password
and the url for their web page (http://www.domain.com/username) Their
own web page comes up with their name on it and it lists their files.

OK, I was asked, "Why not just have a Login page, and the users enter
in their user name and password which takes them to the directory
already set-up for them now?" That sounds like a reasonable request.

Is there a way to request this from the user through PHP and then pass
it on to Apache's .htaccess for that user's directory to take care of
the authentication? In other words, as if they typed in the url
((http://www.domain.com/username) and logged in directly?

I hope my posting is clear. If not please ask questions, and of course,
be kind. ;-) Thanks!

eastcoastguyz wrote:
> I have a web site where web pages are set-up for clients to be able to
> download project files. I'm doing this now with .htaccess and each user
> has their own directory. So the user is given their user name/password
> and the url for their web page (http://www.domain.com/username) Their
> own web page comes up with their name on it and it lists their files.
>
> OK, I was asked, "Why not just have a Login page, and the users enter
> in their user name and password which takes them to the directory
> already set-up for them now?" That sounds like a reasonable request.
>
> Is there a way to request this from the user through PHP and then pass
> it on to Apache's .htaccess for that user's directory to take care of
> the authentication? In other words, as if they typed in the url
> ((http://www.domain.com/username) and logged in directly?
>
> I hope my posting is clear. If not please ask questions, and of course,
> be kind. ;-) Thanks!
>

HTTP Authentication:
http://us2.php.net/features.http-auth

Say example.com/account/ is protected with Basic Auth.

When the user attempts to access, they need to enter in their user/pass
to gain access. In the directory index page (index.php for this
example), you simply need to check the $_SERVER['PHP_AUTH_USER']
variable for the username that they entered. Then you can redirect to
(or better yet, display) the content that user should see.

HTH

--
Justin Koivisto, ZCE - justin@koivi.com
http://koivi.com

Justin Koivisto wrote:
> eastcoastguyz wrote:
> > I have a web site where web pages are set-up for clients to be able to
> > download project files. I'm doing this now with .htaccess and each user
> > has their own directory. So the user is given their user name/password
> > and the url for their web page (http://www.domain.com/username) Their
> > own web page comes up with their name on it and it lists their files.
> >
> > OK, I was asked, "Why not just have a Login page, and the users enter
> > in their user name and password which takes them to the directory
> > already set-up for them now?" That sounds like a reasonable request.
> >
> > Is there a way to request this from the user through PHP and then pass
> > it on to Apache's .htaccess for that user's directory to take care of
> > the authentication? In other words, as if they typed in the url
> > ((http://www.domain.com/username) and logged in directly?
> >
> > I hope my posting is clear. If not please ask questions, and of course,
> > be kind. ;-) Thanks!
> >
>
> HTTP Authentication:
> http://us2.php.net/features.http-auth
>
> Say example.com/account/ is protected with Basic Auth.
>
> When the user attempts to access, they need to enter in their user/pass
> to gain access. In the directory index page (index.php for this
> example), you simply need to check the $_SERVER['PHP_AUTH_USER']
> variable for the username that they entered. Then you can redirect to
> (or better yet, display) the content that user should see.
>
> HTH
>
> --
> Justin Koivisto, ZCE - justin@koivi.com
> http://koivi.com

Thanks for the reply. How does the PHP collecting their username and
password get passed on so that Apache can perform Basic Auth?

Also, I wasn't able to get those code examples in
http://us2.php.net/features.http-auth to work. Do you know of a working
example of this I could download? Thank you!

eastcoastguyz wrote:
> Justin Koivisto wrote:
>
>>eastcoastguyz wrote:
>>
>>>I have a web site where web pages are set-up for clients to be able to
>>>download project files. I'm doing this now with .htaccess and each user
>>>has their own directory. So the user is given their user name/password
>>>and the url for their web page (http://www.domain.com/username) Their
>>>own web page comes up with their name on it and it lists their files.
>>>
>>>OK, I was asked, "Why not just have a Login page, and the users enter
>>>in their user name and password which takes them to the directory
>>>already set-up for them now?" That sounds like a reasonable request.
>>>
>>>Is there a way to request this from the user through PHP and then pass
>>>it on to Apache's .htaccess for that user's directory to take care of
>>>the authentication? In other words, as if they typed in the url
>>>((http://www.domain.com/username) and logged in directly?
>>>
>>>I hope my posting is clear. If not please ask questions, and of course,
>>>be kind. ;-) Thanks!
>>>
>>
>>HTTP Authentication:
>>http://us2.php.net/features.http-auth
>>
>>Say example.com/account/ is protected with Basic Auth.
>>
>>When the user attempts to access, they need to enter in their user/pass
>>to gain access. In the directory index page (index.php for this
>>example), you simply need to check the $_SERVER['PHP_AUTH_USER']
>>variable for the username that they entered. Then you can redirect to
>>(or better yet, display) the content that user should see.
>
> Thanks for the reply. How does the PHP collecting their username and
> password get passed on so that Apache can perform Basic Auth?
>
> Also, I wasn't able to get those code examples in
> http://us2.php.net/features.http-auth to work. Do you know of a working
> example of this I could download? Thank you!

Check this out: http://www.zend.com/zend/tut/authentication.php

Also:
http://koivi.com/php-http-auth/protect.php
user: testing
pass: tester

--
Justin Koivisto, ZCE - justin@koivi.com
http://koivi.com