I've got a directory that is HTTP protected. Now I also have a login.php file where users can type there usernames and passwords.
The pass is hashed and compared with the value in a MySQL database. All this works.
So I have a php-page with a $username and $hashedpassword.
When you open a file in that HTTP-protected dir. it gives you the standard HTTP-loginmessage, where you can give your username and pass.
Now I want to give the username and password for the dir through php so that when users log in on the login.php page do not have to login with different passes in the dir.HTTPauthmessage.
You can't set the HTTP authentication variables (used to authenticate with .htaccess) via an HTML form. Your best bet would be to use PHP to protext the content rather than .htaccess - I presume you set a cookie on the user's machine in your PHP system to say that they are logged in? If so you can check that cookie at the top of every page in the password protected area - if they aren't logged in display an error message telling them they have to log in to view the content.
So... you want to unify the logins so people don't have to enter a username and password twice? Well, if you don't want to change all of your .htaccess html files into PHP files you can always go the other way and let the .htaccess style authorisation authorise people for your PHP scripts, probvided you have PHP installed as an Apache module. Have a look in the PHP Manual under the user authentication bit, it explains how to get PHP to "read" whatever username and password a user entered in tthe .htaccess style username/password form.
Usernames and passwords for .htaccess are dealt with in the .htpasswd file. I've just realised that if you want to synchonise that with your PHP user database you will have to get the PHP to automatically re-generate the .htpasswd file whenever a user is added / deleted / changes their password. That's a lot of hassle...
If you don't want to do that though your only option is to change your protected HTML files into PHP files and add a short bit of code at the start of each page which checks that the user is logged in.
Bookmarks