Comments on: Control htaccess Basic Authentication with PHP and mod_rewrite

By: Jaime

Jaime — Sat, 16 May 2009 00:43:43 +0000

Ok, I got it to work with the following code. I use mine to protect mp3 files on my site.

$fqfile=$absolutepath/$filename;
if (file_exists($fqfile))
{
 header("Cache-Control: public, must-revalidate");
 header("Pragma: hack"); // not sure what this does but it works
 header("Content-Type: " . $mm_type);
 header("Content-Length: " .(string)(filesize($fqfile)) );
 header('Content-type: audio/mpeg');
 //header('Content-Disposition: attachment; filename="'.$filename.'"');
 header("Content-Transfer-Encoding: binary\n");
 readfile($fqfile);
}

By: Jaime

Jaime — Wed, 13 May 2009 00:56:07 +0000

Funny. I have the EXACT same problem as alfred. I am trying to protect mp3/etc.. files on my site with a simple php session check routine, though after it succeeds I am lost as to how to resume the normal GET operation.

Any help or pointers would be greatly appreciated.

By: John Drummond

John Drummond — Tue, 11 Mar 2008 10:35:19 +0000

At last, I found this at AlistApart: How to Succeed With URLs

session_start();
if (session_is_registered(pdb_sessname))
{
  if(file_exists($DOCUMENT_ROOT.$REQUEST_URI) and
($SCRIPT_FILENAME!=$DOCUMENT_ROOT.$REQUEST_URI) and ($REQUEST_URI!="/"))
  {
    $url=$REQUEST_URI;
    include($DOCUMENT_ROOT.$url);
    exit();
  }
}

By: Alfred

Alfred — Fri, 05 Oct 2007 06:59:50 +0000

I would like to implement the AddHandler tip to restrict access to CONTENT.HTML (and other HTML files) to authorised users. Content of .htaccess:

AddHandler mywrapper .html Action mywrapper /secure.php

Contents of secure.php:

session_start(); if(!$_SESSION['authorised']){ die('You are not authorised to access this content!'); } else { // THIS IS WHERE I DONT KNOW WHAT TO DO }

How do I get CONTENT.HTML to display if $_SESSION['authorised'] is true?