Howdy Gang.....here is a real dumb set of questions....but I have no idea where to start so here it be:

If I password protect a directory, and then access something from that directory, it will prompt me with a user id and password box. Once I enter that and hit ok, it then lets me do what I need to. I am cool with that. If I go to somewhere else in the same browser window.....(lets say to some other site) and then go back to a page in that directory, it does not prompt me for the user id and password again.

I am assuming that when I did the inital hit on the item in that directory, it set up a couple of session variables one for user id and one for password. I assume that every time I access something from that browser session, these varaibles are checked to see if they contain the correct data and therfore that is why I am not prompted for a uid/password every time I access something in that directory.


My questions are as follows.

1. Assuming that the above statements are true, are the session variables for user id and password staticly named, and if they are does anyone know what they are called so I can access them and set them from within a script.

2. We are putting up a site with a members area that requires a user to login. We are intending to have items such as phpbb available to members and members only. Right now I have the install in a password protected directory. What I would like to do is to have the user login on the main page and during the retireval process set the correct session variables the password protected directories as they are logging in. Is this even possible, am I over complicating things?

Thanks in advance.

Darce

It depends on browser that you're using. If you use MS Internet Explorer you need to visit http://msdn.microsoft.com for this info.



This info is depends also on your browser.
Also if I'm not mistaken phpBB2 forum allows to set up a session time limit.

I havent heard of this feature. Maybe I just never came across it.

Ok I don't think I am getting it. I guess my real question then is, how does the password protected directory work then?

I enter a User Id and Password in the grey box that pops up. What does the system do with that information. Is is stored in the browser...or is it somewhere else?

Thanks
Darce

I think it keeps it logged in until the browser session is closed (all IE browsers are closed). It must store it somehow, possibly a temporary cookie or registry entry?

...you typing user name and password and Apache web server start a session with a browser. You can read more info about this at http://apache.org/