I'm stuck again! I have confidential user information in a folder that is protected by .htaccess and .htpasswd files which is working fine. Thing is, when I try to include images from this folder in a webpage built by the heredoc feature of PHP, a login box appears before the page does.
Is there a way of specifying a username/password to allow the image to be included on the page or is there a better way round it?
Also, is it safe to put .htaccess/.htpasswd only in the first level of folder protection required or should these files be in all subfolders too in order to protect those subfolders?
to protect both levels, should the .ht files be in both folders or just /topfolder/ ?