in reply to .htaccess and $ENV{

Just to add to what has already been said: if you want to do .htaccess authentication then you have to have an .htaccess file in the cgi-bin folder that contains the cgi that you want to restrict access to. If the cgi is fed information from an HTML form you probably want the folder the HTML file is in to also have a copy of the same .htaccess file. This will make users authenticate to the server before they even see the page they're supposed to fill in. You don't have to do this, but it isn't real stylin' to have the user fill out a form, press "Submit" and THEN have to authenticate.

As mentioned above, you won't want to manipulate the $ENV{'REMOTE_USER'} directly, but you may want to read from it. I've used it in the past to give certain users certain "permissions" within my CGI. Kinda like this:

    # p() is the paragraph helper from CGI.pm (use CGI qw(:standard);)
    if ($ENV{'REMOTE_USER'} eq "Cool Dude") {
        print p("You are a total stud!");
    }
    else {
        print p("You are a luser.");
    }

That kind of thing. At a minimum you must have your cgi directory protected by .htaccess or the $ENV{'REMOTE_USER'} will never be set.

Gary Blackburn
Trained Killer
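
The pattern described in the post above, as an added example that is not part of the original post: a CGI that only reads $ENV{'REMOTE_USER'}, refuses to run when the variable is unset (the directory is not protected), and maps the authenticated name to permissions. The user names, roles, realm name and the AuthUserFile path are assumptions made up for illustration.

```perl
#!/usr/bin/perl
# Added example. Assumes the directory holding this script has an .htaccess like:
#   AuthType Basic
#   AuthName "Members"
#   AuthUserFile /path/to/.htpasswd    (placeholder path)
#   Require valid-user
use strict;
use warnings;

# Constructed user names and roles, for illustration only.
my %ROLE_FOR    = (gary => 'admin', alice => 'editor');
my %ACTIONS_FOR = (
    admin  => [qw(view edit delete)],
    editor => [qw(view edit)],
    viewer => [qw(view)],
);

# Escape the name before echoing it into HTML.
sub escape_html {
    my ($text) = @_;
    my %entity = ('&' => '&amp;', '<' => '&lt;', '>' => '&gt;',
                  '"' => '&quot;', "'" => '&#39;');
    $text =~ s/([&<>"'])/$entity{$1}/g;
    return $text;
}

# Read-only lookup: unknown but authenticated users get the lowest role.
sub actions_for {
    my ($user) = @_;
    my $role = exists $ROLE_FOR{$user} ? $ROLE_FOR{$user} : 'viewer';
    return @{ $ACTIONS_FOR{$role} };
}

my $user = $ENV{'REMOTE_USER'};

# Fail closed: without .htaccess protection REMOTE_USER is never set.
unless (defined $user && length $user) {
    print "Status: 403 Forbidden\r\nContent-Type: text/plain\r\n\r\n";
    print "No authenticated user. Is this directory protected by .htaccess?\n";
    exit 0;
}

print "Content-Type: text/html; charset=utf-8\r\n\r\n";
printf "<p>Hello %s, you may: %s</p>\n",
    escape_html($user), join(', ', actions_for($user));
```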