[nycphp-talk] PHP testing for a password protected folder/file

Daniel Convissor danielc at
Mon Aug 24 23:58:52 EDT 2009

Hi, uh, whoever you are:

On Tue, Aug 11, 2009 at 09:59:17PM +0800, webmaster at wrote:
>   I have an errorpage script that checks for
>   $_SERVER['REDIRECT_STATUS'] and delivers a user friendly message
>   depending on which error condition it finds, works great most of the
>   time. The problem is when is encountered a password protected
>   folder, it delivers the 401 or 403 error message and completely
>   ignores/bypasses the popup username/password window that usually
>   occurs in .htaccess password protected folders.

I'm guessing your error handler is in the same directory that you're 
blocking, so Apache isn't letting you anywhere near executing the PHP 
code inside your PHP error handler script.

Put your error handler in the top most directory of the document root, 
say "/auth_error.php".  In directories you want protected, have the 
following in your .htaccess files:

    ErrorDocument 401 /auth_error.php
    ErrorDocument 403 /auth_error.php


 T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
            data intensive web and database programming
 4015 7th Ave #4, Brooklyn NY 11232  v: 718-854-0335 f: 718-854-0409

More information about the talk mailing list