Can I redirect two users to two different subdirectories of domain.com based on their usernames via .htaccess or via other means?

pae2
pae2 used Ask the Experts™
on
I need to redirect two users to two different subdirectories of domain.com based on their usernames via .htaccess.

Here's an example of what I'm looking to do:

01. user goes to domain.com (the homepage)
02. user is prompted to enter username/password via .htaccess
03. if(username1) redirect to domain.com/1, based on successful .htaccess login info
04. if(username2) redirect to domain.com/2, based on successful .htaccess login info

My hope is to be able to achieve this simply through .htaccess, if possible.

If this cannot be achieved via .htaccess, what mechanism can be used? Here are the technologies I have access to:

01. CGI
02. Platform Type: Debian
03. MySQL Version: 5.0.77
04. Perl Version: 5.8.8
05. PHP Version: 5.2.5
06. Sendmail
07. other Perl mods
08. PEAR mods

My preference would be to do this via .htaccess, if possible. I have programming experience via education, but not much real-world experience with it. I can go with another solution, but if it's in-depth, I'll need some help getting through it.

Thanks!!
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Use php. It's simple, after a user logs in with .ht authentication, which you apparently already have, have your index.php file be:

(might need #!/usr/bin/php as line 1 of php scripts, but probably not. )
<?php
switch($_SERVER['PHP_AUTH_USER']) {
  case 'user1':
    header("Location: /user1/");
    break;
  case 'user2':
    header("Location: /sitea/page1.html");
    break;
  default:
    //unknown or no user
    header("Location: login.html"); 
} 
?>

Open in new window

This way you can just manage a users.txt file   Username:Page


users.txt:

user1:/user1/
user2:/sitea/page1.html
<?php
/* index.php */ 
$list = file('users.txt'); 
foreach($list as $item) {
  $data = split(':',$item);
  if($_SERVER['PHP_AUTH_USER']==$data[0]) { 
    header("Location: $data[1]");
    exit;
  }
} 
//if code gets here, we're not listed or logged in
header("Location: login.html"); 
?>

Open in new window

Author

Commented:
themrrobert,

Do I need to do anything to my .htaccess file? Also, are you around this weekend to help me through this in case I need help??? I have to get this done by Monday.

Thanks!!

P
Why Diversity in Tech Matters

Kesha Williams, certified professional and software developer, explores the imbalance of diversity in the world of technology -- especially when it comes to hiring women. She showcases ways she's making a difference through the Colors of STEM program.

Now if you just want to go to a directory based on username, this will send user1 to domain.com/user1 and user2 to domain.com/user2:


Note: 2 Versions attached. You might like V2 better. Make suer the realm matches up.
<?php
/* index.php */
if($_SERVER['PHP_AUTH_USER']) {
  header("Location: /{$_SERVER['PHP_AUTH_USER']/}");
} else {
  //not logged in:
  header("Location: login.html");
} 
?> 
Version2:
<?php
/* index.php */
if (!isset($_SERVER['PHP_AUTH_USER'])) {
    header('WWW-Authenticate: Basic realm="YOUR REALM"');
    header('HTTP/1.0 401 Unauthorized');
    echo 'Sorry. Not Authorized'; //Text Shown if cancel pressed
    exit;
} else {
  header("Location: /{$_SERVER[PHP_AUTH_USER]/}");
}
?>

Open in new window

yeah I will be around a bit. my email is:

theat.robert  (w/)  gmail

( /\ slightly messy ;)

I'm not an expert with .htaccess authorization. And no, you shouldn't need to change your .htaccess file. If you have a working .htpasswd or whatever with a working log-in setup already, you can just drop this in there.

Author

Commented:
Both blocks of code go into index.php?

Will I still need .htaccess?

Thanks!!

P

Author

Commented:
I like version2 better.
No, only use the second block of code if you want to use version 2.

Yes, you still need your .htaccess and .htpasswd/.htgroup however you are authorizing users.

Author

Commented:
Okay, I understand the .htaccess deal now.

One more question for now then I will try to implement later tonight: can you please type pseudocode for version2? I just want to understand the code. It'll help when I'm trying to get it to work.

Thanks a lot!!!! You're awesome!!

P
Answer this: Do you already have a working setup? Like when you visit your site, does it ask for credentials, and then go to a page upon successful log-in? If so, then this script should pick up the variables.

Otherwise, you need to set up your .htaccess and .htpasswd with user authentication data.

Version 2 might conflict with your .htaccess file setup, but i don't think it will.

Important:
PHP is not handling the log-ins. The code assumes you already have a working log-in setup with your .htaccess file[s]. The code only redirects after the user is logged in.

Author

Commented:
Yes, I have a working .htaccess/.htpasswd file setup. How might version-2 conflict with my .htaccess file setup?

Thanks!!

P
If you have any problems, use version one of the final post.
Note:
PHP_AUTH_USER = HT AUTH USER
PHP_AUTH_PW = HT AUTH PW

<?php //open php
/* comment */
IF NOT (IsVariableAssigned($_SERVERVARIABLES['PHP_AUTH_USER'])) THEN
  SendHttpHeader('Authenticate: with (htaccess/htpasswd) realm="REALM NAME');
  SendHttpHeader('Not Authorized');
  echo "HTML Displayed if user does not authenticate."
  quit
ELSE
  SendHeader(ChangeLocationTo: /username/);
ENDIF
?>

This is all untested code, the only problem i see with the version 2, which is really like version 4 or 5, is that PHP may try and take over the authentication process. Technically, the .htaccess should prevent index.php from running until a user is already validated, and thats what should happen. $_SERVER[PHP_AUTH_USER] is only set if a user is authenticated with the browser and server.
<?php
/* index.php */
if (!isset($_SERVER['PHP_AUTH_USER'])) {
    header('WWW-Authenticate: Basic realm="YOUR REALM"');
    header('HTTP/1.0 401 Unauthorized');
    echo 'Sorry. Not Authorized'; //Text Shown if cancel pressed
    exit;
} else {
  header("Location: /{$_SERVER[PHP_AUTH_USER]/}");
}
?>

Open in new window

Having the authentication code at the top of the script helps to cover all the bases. It makes for complete and secure code, where as assuming the user is authenticated could lead to trouble. (assuming anything in programming is bad =p )

Author

Commented:
themrrobert,

I'm a little confused right now with all the blocks of code.

Can you please post two final versions: final version#1 and final version#2?

Thanks!!

P
It hasn't changed. I wrote the psuedo code and pasted the code along with it. Don't worry about anything other than these ones below \/ just make sure you change the variables you need to.
<?php
/*******************************************\
| index.php                                 |
| Sends authenticated users to directories  |
| matching their username */                |
| ie:  http://domain.com/UserName/          |
\___________________________________________/ 
if($_SERVER['PHP_AUTH_USER']) {
  header("Location: /{$_SERVER['PHP_AUTH_USER']/}");
} else {
  //not logged in:
  header("Location: login.html");
} 
?> 
Version2:
<?php
/* index.php */
if (!isset($_SERVER['PHP_AUTH_USER'])) {
    header('WWW-Authenticate: Basic realm="YOUR REALM"');
    header('HTTP/1.0 401 Unauthorized');
    echo 'Sorry. Not Authorized'; //Text Shown if cancel pressed
    exit;
} else {
  header("Location: /{$_SERVER[PHP_AUTH_USER]/}");
}
?>

Open in new window

Author

Commented:
themrrobert,

I will give it a shot later tonight. I have other work I have to take care of first.

Thanks for everything. You will be hearing from me tonight on EE and/or via email.

Thanks so much!!!

P
Sorry to make so many posts. I screwed up my heading :(
<?php
/*******************************************\
| index.php                                 |
| Sends authenticated users to directories  |
| matching their username                   |
| ie:  http://domain.com/UserName/          |
\__________________________________________*/ 
if($_SERVER['PHP_AUTH_USER']) {
  header("Location: /{$_SERVER['PHP_AUTH_USER']/}");
} else {
  //not logged in:
  header("Location: login.html");
} 
?> 
Version2:
<?php
/* index.php */
if (!isset($_SERVER['PHP_AUTH_USER'])) {
    header('WWW-Authenticate: Basic realm="YOUR REALM"');
    header('HTTP/1.0 401 Unauthorized');
    echo 'Sorry. Not Authorized'; //Text Shown if cancel pressed
    exit;
} else {
  header("Location: /{$_SERVER[PHP_AUTH_USER]/}");
}
?>

Open in new window

Author

Commented:
themrrobert,

No problem!!! I am going to go with the last block of code.

Thanks so much!!

P

Author

Commented:
themrrobert,

i am going to be working on this on sunday. sorry for delay. i have a project for school that has been taking up all my time. but this is first on sunday. you'll be hearing from me then

thanks!!

p
Let me know if you need help. Use my email address its most reliable contact. Questions tend to get lost in the abyss.

Also let me know if it is simply working, as it should ;)

Author

Commented:
themrrobert,

I did not get to it yesterday. I just finished by school project at 4am last night. So I'm going to be starting in about an hour. I will be in touch shortly!!!

Thanks!!

P

Author

Commented:
themrrobert,

I sent you an email, hopefully to the right account. Can you please check it and let me know what to do? It's not working!!

Thanks!!

P

Author

Commented:
this is the code that i used:


<?php
/*******************************************\
| index.php                                 |
| Sends authenticated users to directories  |
| matching their username                   |
| ie:  http://domain.com/UserName/          |
\__________________________________________*/ 
if($_SERVER['PHP_AUTH_USER']) {
  header("Location: /{$_SERVER['PHP_AUTH_USER']/}");
} else {
  //not logged in:
  header("Location: login.html");
} 
?> 
Version2:
<?php
/* index.php */
if (!isset($_SERVER['PHP_AUTH_USER'])) {
    header('WWW-Authenticate: Basic realm="YOUR REALM"');
    header('HTTP/1.0 401 Unauthorized');
    echo 'Sorry. Not Authorized'; //Text Shown if cancel pressed
    exit;
} else {
  header("Location: /{$_SERVER[PHP_AUTH_USER]/}");
}
?>

Open in new window

Author

Commented:
I tried this code, but it keeps redirecting to the default option, that is the login.html page:
<?php
switch($_SERVER['PHP_AUTH_USER']) {
  case 'user1':
    header("Location: /user1/");
    break;
  case 'user2':
    header("Location: /sitea/page1.html");
    break;
  default:
    //unknown or no user
    header("Location: login.html"); 
} 
?>

Open in new window

Author

Commented:
For the switch/case code, I popped a valid username into the 'user1' variable and I put a valid location into "Location: /user1/" but it keeps redirecting to login.html, which makes me thing that it's not getting the username value after I login. What should I do?

Thanks!!

P

Author

Commented:
Does someone have an alternate solution or can someone help me through this solution soon? I need to get this resolved by tonight.

Thanks!!

P

Author

Commented:
I modified the code a bit to see if the variable was being assigned and the output is still just a blank page:
<?php
 
if (!isset($_SERVER['PHP_AUTH_USER'])) {
 
switch($_SERVER['PHP_AUTH_USER']) {
  case 'user1':
    header("Location: /user1/");
    break;
  case 'user2':
    header("Location: /sitea/page1.html");
    break;
  default:
    //unknown or no user
    header("Location: login.html"); }
 
else
 { echo 'Variable is NOT set!!!'; }
 
} 
?>

Open in new window

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial