.htaccess passbox ...change look?

**BLiZZaRD** · 11-12-2006, 10:50 PM

About a year ago, I found a web site that used .htaccess to password protect folders and files. What was different about it though was the look of the passbox was different than normal.

I emailed the site crator and asked how it was done. The response was an "I don't know, my php guy did it for me"

I have looked again for the site to link to to show a live example, but I can't find it.

Does anyone know how to go about changing the look of the passbox? I would like to change the words from username and password to something else, among other small things like that.

Ideas?

**ItsMeOnly** · 11-12-2006, 11:19 PM

password box is user-agent idea, so unless that wasn't really GUI dialog (could be browser window disguised as one), no idea.

**blm126** · 11-12-2006, 11:22 PM

How do you know that it used .htaccess? It could have just been a regular login page(cleverly disguised). The .htaccess login works through HTTP authentication(I think) so I don't think you can do that. You could use PHP to read the .htaccess file and implement its own protection scheme.

**BLiZZaRD** · 11-13-2006, 12:57 AM

Well, I guess I don't "know" But when I viewed it in a non supported browser I got the plain jane .htaccess one.. dunno

**Twey** · 11-13-2006, 05:43 PM

The previous replies are quite correct. All modifying the .htaccess file causes is the 401 Unauthorized response code and the WWW-Authenticate header to be sent to the user agent, which then prompts for a password and responds with an appropriate Authorization header. The server has no control over the manner in which the user agent accomplishes this, other than altering the information contained in the WWW-Authenticate header (which usually contains information such as the name of the resource which can be displayed by the browser). It was likely a clever mockup, with a redirection to a standard 401 authentication-requiring resource if the browser didn't support some client-side script used.

**blm126** · 11-13-2006, 09:44 PM

I have an idea. Since .htaccess/.htpasswd is based of off the 401 unauthorized response code, then you colud redirect to the resource from a custom login box.Look at the following URL

Code:

http://username:password@www.somepage.com

Maybe you could build a custom login box, then use PHP to redirect. If you really wanted to get fancy you could parse the password file with PHP to give good error messages.

**BLiZZaRD** · 11-15-2006, 08:19 AM

Something to think about. Thanks all for the replies, I will look into it and let you know what I find out, if anything.

Thread: .htaccess passbox ...change look?

Thread Tools

Search Thread

.htaccess passbox ...change look?

Bookmarks

Bookmarks

Posting Permissions