Originally Posted by midget

Thnaks for your help on this -

It does not seem to change anything -

I don't use md5 I use basic unix crypt function (please no jokes
so obviously I had trouble at first -
so I simply changed that line to correspond to the encryption that is being use - lol - fantastically enough I was able to log in. . .

I know you said you didn't test the script so it is just a template - so that must be the reason it has not changed anything - but at least I got it (or you got it) to authenticate through the script - so the next step is just getting the script to work -

The one question that really stands out though is how can we get it to authenticate through the script - which means it is working - and still get the same reaction?

Originally Posted by digital-ether

Here's a solution to getting around the IE problem with their disabling using the browser address bar to login via HTTP Basic Authentication.

[HTML]<script>

// url of Basic Authentication page
var auth_url = 'protected/index.php';
// url user wants to access
var private_url = 'protected/files/file.zip';

function getPrivatePage() {

var user = document.getElementById('user').value;
var pw = document.getElementById('pw').value;

// create an execute xmlHTTPRequest
var xmlhttp = false;
if (window.XMLHttpRequest) {
xmlhttp = (new XMLHttpRequest());
} else if (window.ActiveXObject) {
// find latest XMLHTTP implementation on IE
var versions = [
"Msxml2.XMLHTTP.7.0",
"Msxml2.XMLHTTP.6.0",
"Msxml2.XMLHTTP.5.0",
"Msxml2.XMLHTTP.4.0",
"MSXML2.XMLHTTP.3.0",
"MSXML2.XMLHTTP",
"Microsoft.XMLHTTP"];
var n = versions.length;
for (var i = 0; i < n; i++) {
try {
if (xhr = (new ActiveXObject(versions[i]))) {
break;
}
} catch (e) { /* try next */ }
}
}
if (!xmlhttp) {
location.href = auth_url;
return false;
}
xmlhttp.onreadystatechange = function() { handleGetPrivatePageResponse(xmlhttp); };
xmlhttp.open('GET', auth_url, true, user, pw);
xmlhttp.send(null);
}

function handleGetPrivatePageResponse(xmlhttp) {
if (xmlhttp.readyState == 4) {
if (xmlhttp.status == 200) {
alert('Log in successful.');
location.href = private_url;
} else if (xmlhttp.status == 401) {
alert('The Username and password are incorrect. Please try again.');
} else {
alert('An unknown Error Occurred. HTTP Status: '+xmlhttp.status);
}
}
}

</script>

<fieldset>
<legend>Enter A Username and Password to Access the Private Area</legend>
<input type="text" name="user" id="user" />
<input type="text" name="pw" id="pw" />
<input type="button" onclick="getPrivatePage();" value="Enter" />
</fieldset>
<fieldset>[/HTML]
.

Originally Posted by midget

May be you will help me with this - I essentially want to turn this into a logout script - by logging in to another protected area - can you tell me how I could hardline a user name and password so it sends the same one every time without having to put them in the boxes - essentially I want to get rid of the input boxes too and just have a logout button

Thanks