I would like to password protect a directory. I know how to use .htaccess, but I would rather not use that method if I can find another method.

The reason I don't want to use that method is because when a person tries to access a protected directory, they get a pop-up window asking for username and password. For the site that I'm putting this on, I'd rather use a more standard-looking login text box on the page. Is there a fairly easy way to do this?

I basically just want to use the same amount of protection that .htaccess provides, I just want to allow users to access it in a slightly different way.

Any ideas?

thanks!

You could achieve this with PHP. If all the files within the directory that you would like to protect are PHP files, you could use PHP sessions to protect the directory. You could create a PHP file (an access control file) in the directory that would have something like this in it:

<?
session_start();

if(!session_is_registered("SESSION")) {
header("Location:http://domain.com/login.html");
exit;
}
?>

You would then need to include this access control file in every file in this directory:

include("access_control.php");

In the login script, you would need to register the session variable SESSION if the login is successful (valid username and password):

session_register("SESSION");

If someone tries to access any file within the directory and they have not successfully logged in, they will be taken to the login page that you designate in your access control script. If they have successfully logged in, the session variable SESSION will be registered and they will be able to access any file in the directory.

Thanks for the suggestion.

What if all the files aren't PHP, though? How do I control access to them using your suggested method?

thanks

http://php.warpedweb.net/pageprotect/

Vito

If you are using php>4.1.0 you should use $_SESSION rather than session_register()