0

I have password-protected a directory on my website using htaccess. When I type in the URL to the folder I get a simple popup box where I can type in my info. All is fine. But what I really want to do is have an HTML/PHP/MySQL form where you can log in, instead of a popup box. Is there any way to do this? NOTE: The directory I want to protect has hundreds of files.

I know how to make a form and query a database; I just want to replace the popup with an HTML form.

user2246998
  • 71
  • 2
  • 5
  • The problem is protecting a directory – user2246998 Apr 05 '13 at 18:58
  • With `.htaccess` and `.htpasswd` files you won't be able to change the login type to a web page unless you then use PHP or another language for file access as well. Taking advantage of the `apache security` schema in the fashion you are limits your ability to modify it as it is meant to be a simple system. – Jon Apr 05 '13 at 19:09
  • There is an answer to a similar question on serverfault: http://serverfault.com/questions/125579/how-to-secure-a-directory-in-apache-using-a-php-session – barbashov Apr 05 '13 at 19:10

2 Answers

2

One possible approach...

Say you want to protect the directory "protected".

Using .htaccess, limit all access to this directory by putting

```
Options -Indexes

# Block External Access
deny from all
```

in the .htaccess file within the "protected" directory.

Next, use a RewriteRule to catch all URLs going to the "protected" directory in your main .htaccess file. For example:

```
RewriteEngine on
RewriteRule ^protected/(.*) accessprotected.php?url=$1
```

Normally, the RewriteRule should catch all URLs going to the "protected" directory and transmit them to the accessprotected.php-page.

On the accessprotected.php-page, check for login-status.

```php
<?php
session_start(); // required before $_SESSION can be read

if (isset($_SESSION['LoggedIn'])) { // or something like this
    /*
       Here, you should check what file type is being
       requested and handle this properly.
    */
} else {
    // put code for login form here
}
```
Marty McVry
  • 2,838
  • 1
  • 17
  • 23
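
Added example (not part of the original answer): one way to fill in `accessprotected.php` so that the `url` value passed by the RewriteRule can only reach files inside the "protected" directory. `login.php` is a hypothetical login page, and the fileinfo extension is assumed to be available for `mime_content_type()`.

```php
<?php
// accessprotected.php: session gate for files under "protected/" (added example).
// Assumptions: login.php is a hypothetical login form that sets
// $_SESSION['LoggedIn']; "protected/" sits beside this script.
session_start();

const PROTECTED_DIR = __DIR__ . '/protected';

/**
 * Map the rewritten "url" parameter to a real file inside PROTECTED_DIR.
 * Returns null when the path is missing, is not a regular file, or
 * resolves outside the directory (e.g. "../" sequences or symlinks).
 */
function resolveProtectedPath(string $requested): ?string
{
    $base = realpath(PROTECTED_DIR);
    $path = realpath(PROTECTED_DIR . '/' . $requested);
    if ($base === false || $path === false || !is_file($path)) {
        return null;
    }
    // The separator stops "protected-old/x" from matching the "protected" prefix.
    if (strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    // Never hand out dotfiles such as .htaccess or .htpasswd.
    if (basename($path)[0] === '.') {
        return null;
    }
    return $path;
}

if (empty($_SESSION['LoggedIn'])) {
    // Not authenticated: send the visitor to the HTML login form.
    header('Location: /login.php');
    exit;
}

$url  = $_GET['url'] ?? '';
$file = resolveProtectedPath(is_string($url) ? $url : '');
if ($file === null) {
    http_response_code(404);
    exit('Not found');
}

// Serve the bytes as data. PHP files are not executed through this gate.
header('Content-Type: ' . (mime_content_type($file) ?: 'application/octet-stream'));
header('X-Content-Type-Options: nosniff');
header('Content-Length: ' . filesize($file));
readfile($file);
```

Because the `deny from all` rule blocks direct requests, this script is the only route to the files, so the `realpath()` prefix check is what keeps a request such as `protected/../config.php` from being served.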
0

You need to make it so any landing page on the site redirects you back to the initial login page if the person isn't signed in. This landing page needs to be HTML in order to be styled.

.htaccess controls are a function of Apache and can't be styled using PHP or CSS or anything like that. They rely on built-in browser controls to return a default dialog box.

AbsoluteƵERØ
  • 7,816
  • 2
  • 24
  • 35