User:Sexytyranno/Sandbox

So you want to secure a folder on your website, but want all the passwords to be dynamic from a database? Not a worry at all! In fact, it's actually rather easy! While this guide specifically refers to getting it up and working using PHP, the basic changes to your .htaccess file will work with any CGI binary!

.htaccess Changes
The first thing you'll need to do is to add the following section of code to your .htaccess file.

   RewriteEngine on    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L] 

PHP Code
Here's a brief overview of the PHP code you'll use as an requireable authorization handler.

<?php // // http://wiki.dreamhost.com/HTTP_Auth_with_CGI //

// We'll take the HTTP Authorization information and parse it out. // The substr(,6) is to take off the prefixing string "Basic " list($_SERVER['HTTP_AUTH_USER'], $_SERVER['HTTP_AUTH_PW']) = explode(':', base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6)));

function httpauth_sendRequireAuth { header('WWW-Authenticate: Basic realm="My Realm"'); header('HTTP/1.0 401 Unauthorized'); echo 'Text to send if user hits Cancel button'; exit; }

// Show the log-in dialog if (!isset($_SERVER['HTTP_AUTH_USER'])) { httpauth_sendRequireAuth; }

// So they submitted log-in credentials. This sample will only // display the auth transmitted printf(' Hello, %s! You entered "%s" as your password. ',    $_SERVER['HTTP_AUTH_USER'], $_SERVER['HTTP_AUTH_PW']);

?>