Restricting Access

gismo · 05-08-2004, 04:30 PM

Hi All,

I have two users on my site a student and a teacher, i want the system to be able to recognise whether a student or a teacher has logged on and then allow the teacher to access the teacher area, while dissallowing the student to access it. Any suggestions??

Thanks,
Gismo

oracleguy · 05-08-2004, 06:17 PM

What web server are you running?

If your running Apache, you can use .htaccess to do what your going for.

gismo · 05-09-2004, 12:59 PM

Thanks OracleGuy. Do you much about .htaccess as i have tried this but cant seem to get it working. Here is the code that i am using. I would really appreciate any suggestions.
.htpasswd file:
Gismo

assword

.htaccess file:
AuthUserFile /c:/apache/.htpasswd
AuthGroupFile /dev/null
AuthName Teacher Area
AuthType Basic

require user Gismo

Thanks,
Gismo

oracleguy · 05-10-2004, 07:31 AM

First off, are you making sure you use MD5 encryption on the password? There is a program that comes with apache that can do it through the command line. Or you can make a small .php page and put:

PHP Code:


			
<? echo md5("Password") ?>

And it will yeild the MD5 version of your password to put in the .htpasswd file. Remember since MD5 is a case-sensitive encryption, your password is then thus case-sensitive.

Additionally, from the code you posted I assume your running apache on a windows OS?

gismo · 05-10-2004, 11:02 AM

Hi,

Yes i am running Apache on Windows XP. The .php file do a need to save it in the same directory as the htaccess file and do i need to give it a particular name?

Thank You,
Gismo

bcarl314 · 05-10-2004, 01:33 PM

Quote:

Originally Posted by gismo

Thanks OracleGuy. Do you much about .htaccess as i have tried this but cant seem to get it working. Here is the code that i am using. I would really appreciate any suggestions.
.htpasswd file:
Gismo

assword

.htaccess file:
AuthUserFile /c:/apache/.htpasswd
AuthGroupFile /dev/null
AuthName Teacher Area
AuthType Basic

require user Gismo

Thanks,
Gismo

Also, I doubt the "/c:/apache/.htpasswd" line will work.

Starting a directory path with a "/" is a Unix thing (*nix). Try removing the beginning "/" on that line.

Also, you're using "/dev/null" for your group file. Again in a *nix format. Try dropping the line or replacing it with a valid window path.

Hope this helps

oracleguy · 05-10-2004, 07:00 PM

Quote:

Originally Posted by gismo

Hi,

Yes i am running Apache on Windows XP. The .php file do a need to save it in the same directory as the htaccess file and do i need to give it a particular name?

Thank You,
Gismo

No, just put it in the same folder as your website. Then visit the page in your browser and PHP is generated the encrypted version of your password. The page name doesn't matter.

Once you do this, you can copy the encrypted version of the password into your .htaccess file.

If you've done what bcarl and I have said and it still doesn't work, you might need to change the file to something like ht.access and change your Apache config file. Because Windows sometimes has issues with dealing file filenames that have just an extension.