views:

23

answers:

1

I have a folder in the webroot at http://somesite.com/folder which I'm password protecting with the directory password protection feature in cpanel which I guess uses some form of htacccess. So it's not protected with a normal login system that's connected to a database that I can check against.

Once a correct username and password is entered, a user can see the content of the folder

http://somesite.com/folder/index.php

I'm trying to find a php way to see what account was used to log into the folder. Anyone can think of a way this can be done?

+2  A: 

For basic, authentication, you'll have $_SERVER['PHP_AUTH_USER'] and $_SERVER['PHP_AUTH_PW'].

For digest, you can parse $_SERVER['PHP_AUTH_DIGEST'] or just look at $_SERVER['PHP_AUTH_USER'] if you want the username (the password won't be available).

Artefacto
Thanks Artefacto, how do I know if it uses `basic` or `digest`? Do I just try it out and see which works, or something more to it?
devling
You can read the .htaccess file, under AuthType.
Artefacto