Say you have a website, some of it open to the public, some open to members only… the member’s only section is protected with an htaccess defined user… but, you don’t want to have to set up all the members individually through that file… so, you create a form, get the user to enter a user id and password, bring that into a PHP script, query your MySQL Database, compare that to what’s on file for that user…. and then, if matched, redirect them to the page that is in the htaccess protected section of the site…. however, you don’t want HTTP to prompt them to enter the user id as defined in the htaccess file… you want to pass that along in the redirect…..
So, a normal redirect would look like:
Both of those invoke the HTTP Prompt.
I’ve tried something like this:
Where MYUSER is the user defined in the htaccess file and MYPASSWORD the password, but get an invalid URL message if I'm using IE. I understand that this syntax would work with Mozilla or other browsers... but I need a solution that will work for all browsers.
I’ve also tried this, but it doesn’t seem to do anything (still get HTTP Prompt)
$_SERVER['PHP_AUTH_USER'] = 'MYUSER';
$_SERVER['PHP_AUTH_PW'] = 'MYPASSWORD';
The member folder is protected by the htaccess stuff. Basically, I want to provide the userid and password as defined in the htaccess file behind the scenes and do the actual user authentication myself through lookups to our member MySQL database.
I've also tried mod_auth_mysql but our webhost is not set up to allow that kind of authorization.