How about using PHP sessions like this:
<?php
if (!isset($PHP_AUTH_USER) || !isset($PHP_AUTH_PW)) {
//If the PHP session variables aren't set, ask for name and password
header('WWW-Authenticate: Basic realm="Authorized Users Only"');
header('HTTP/1.0 401 Unauthorized');
exit;
} else if (isset($PHP_AUTH_USER) && isset($PHP_AUTH_PW)) {
//If the variables are set, check the username and password against a //database.
$conn = pg_Connect("host=localhost dbname=[dbname] port=[portnumber]");
$result = pg_Exec($conn,
"SELECT *
FROM [table]
WHERE username='$PHP_AUTH_USER' AND
password='$PHP_AUTH_PW';");
$num = pg_NumRows($result);
$i = 0;
//If the user is authenticated against the database, echo the html code for //the page you want them to see
if ($num != 0) {
echo "<HTML> ...... </HTML>"
}
}
?>
Use this configuration for any web page on your site that should have restricted access, then rename those files with a .php extension. In this example the connection is to a PostgreSQL database on my linux server, you may need a different connection string/method for your needs, but this works great otherwise. Once a user provides their login information they can immediately access any of the pages with the php code. Their login wont be lost until they close their browser, or you could give them a logout option that would reset the user and password variables. I found the original tutorial on this at this address:
http://webmonkey.wired.com/webmonkey...tw=programming
Hope this helps!
Unsolved 
