hi guys,
i have a folder which stores uploaded documents and images. the site is password protected using php with mysql database behind it.
problem is the pages are secure which is great but the directory in which the documents and images sit is not protected.
i was looking at securing using htaccess file however i would rather that the directory being protected could run off their username and password from the mysql database?
is their any script that i could use on apache to do this?
i found this on the net:
AuthType Basic
AuthName "MySQL Member Page"
Auth_MYSQLhost www.widexl.com
Auth_MYSQLusername root
Auth_MYSQLpassword tengo
Auth_MYSQLdatabase members
Auth_MYSQLpwd_table widexl
Auth_MYSQLuid_field username
Auth_MYSQLpwd_field password
Auth_MYSQL_EncryptedPasswords off
require valid-user
however i am unsure if thid will work with encrypted md5 passwords in the database?
also is this all the code i need to protect this directory? do i just put this code into a blank page and call it .htaccess?
urgent help here so greatly appreciated if you could help.
thanks