[clug-talk] problem with login between phpBB and .htaccess secured directory

Gustin Johnson gustin at echostar.ca
Wed Sep 14 01:17:05 PDT 2005


These are a non-programmers thoughts.  For problems like this I delegate :)

.htaccess and phpbb are two different things that just happen to share the 
same backend for usernames and passwords.  I have two php apps that 
authenticate users against the same LDAP backend, but users have to log in 
twice as I have not unified the two apps (one is a very large 
webmail/groupware package and the other is a home brew management console).

I have not used phpbb in a few years, but perhaps phpbb can be made to 
authenticate via .htaccess, then the browser caches the uid/pw for file 
access as well.  

Another option is to use a virtual file system where the files are stored in 
MySql.  A quick prayer to god (aka google) pointed me to this site:
http://www.phpbbhacks.com
specifically:
http://www.phpbbhacks.com/download/2128
and
http://www.phpbbhacks.com/download/251
and
http://www.phpbbhacks.com/download/4118


http://horde.org has a whole suite of apps that can share the same session.  

hope this helps

On Wednesday 14 September 2005 01:01, Darcy Brodie wrote:
>     I am trying to use the username and passwords from  SubDreamer CMS /
> phpBB Bulletin Board (usernames and passwords are stored in MySQL) to
> allow a registered user access to a protected directory on the same web
> site (a members area).  I would enclose the documents into the CMS,
> which would make it easy to only allow registered users, however, most
> of the documents that I have in there are pdf's.
>
>     I have successsfully been able to connect the .htaccess
> authentication to the MySQL database (using mod_auth_mysql), however,
> this is where I am having the problems.  Currently, when a user logs
> into the CMS / Bulletin Board, it allows him extra pages on the web
> site.  But if he wants to goto the members page for these pdf files, he
> has to log in again.  I am looking to create a single login that would
> allow him to (a) log into the CMS / Bulletin Board, and (b) this would
> allow him access to the members area without having to re-submit his
> username / password.  As a safety, I would want it so that if someone
> attempts to directly access a file in the members area, that it would
> ask for a valid username and password (here, I am not concerned if it
> logs him into the CMS system or not)
>
>     Any suggestions would be appreciated.  Thanks
>
> Darcy
>
>
> _______________________________________________
> clug-talk mailing list
> clug-talk at clug.ca
> http://clug.ca/mailman/listinfo/clug-talk_clug.ca
> Mailing List Guidelines (http://clug.ca/ml_guidelines.php)
> **Please remove these lines when replying
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : /pipermail/clug-talk_clug.ca/attachments/20050914/279daf7f/attachment.bin


More information about the clug-talk mailing list