After much trying to work out how to protect a directory with PHP so that full URLs couldn't access any of the static images, I finally found a mod for Apache (mod_auth_mysql) that allows authentication against mySQL. While this means that I end up not using the nice PHP form I had created, it does secure the files. This is my first attempt at a how-to, so be gentle. Hope it helps.
How to set up OS X 10.3.5 Apache (built in) and mySQL for authentication via mod_auth_mysql. Why? Because I like gross overkill.
Firstly you will need to install mySQL if you haven't already. I recommend getting the OS X binary from this page at mysql.com. It's version 4.0.21 at the time of writing. Many tutorials online tell you how to install mySQL for OS X. Most of them tell you to set up a user called mysql in your netinfo. This is not necessary, as it is already there. Install the package and follow the Readme to setup your root password. Install the MySQLStartupItem.pkg as well.
Now we test to see if it is working. Type the following in the Terminal:
$ alias mysql=/usr/local/mysql/bin/mysql
$ alias mysqladmin=/usr/local/mysql/bin/mysqladmin
$ mysqladmin -u root password root_password
$ mysql -u root -p
Enter Password:
MySQL should load at this point. This is a good time to create your database for user login:
mysql>CREATE DATABASE users;
mysql> USE users;
CREATE TABLE user_info (
user_name CHAR(30) NOT NULL,
user_passwd CHAR(20) NOT NULL,
[ any other fields if needed ]
PRIMARY KEY (user)
)
mysql>quit
YAY! Note : I suggest using phpMyAdmin to manage your database and populate it with data. [Download 2.6.0-pl1]
$ apxs -c -D lmysqlclient -lm -lz -I/usr/local/mysql/include/ \
-L/usr/local/mysql/lib/ mod_auth_mysql.c
$ apxs -i mod_auth_mysql.so
Now you need to edit you httpd.conf to use the new mod. Open /etc/httpd/httpd.conf in your favorite editor. Note the editor must be run as sudo if you hope to save the file in its original location --i.e.: sudo vi httpd.conf. The Readme for mod_auth_mysql gives the standard Apache install tree for adding this mod to your config file. OS X has a slightly different tree for apache, so insert the following lines in the appropriate places instead of the original Readme lines:
LoadModule mysql_auth_module libexec/httpd/mod_auth_mysql.so
AddModule mod_auth_mysql.c
I used per-directory in the httpd.confinstead of .htaccess files, but both are usable. The mod_auth_mysql Readme gives a complete list of all the options available. While the Readme states that the mod assumes a particular table format in your database, I had to declare each field anyway:
<Directory "/dir/you/want/to/protect/">
AuthName "SOME_THING_HERE"
AuthType Basic
AuthGroupFile /dev/null
AuthMySQLEnable On
AuthMySQLHost localhost
AuthMySQLDB users
AuthMySQLUserTable user_info
AuthMySQLUser <user>
AuthMySQLPassword <password>
AuthMySQLPasswordField user_passwd
AuthMySQLPwEncryption none
AuthMySQLSaltField none
AuthMySQLNoPasswd Off
AuthMySQLAuthoritative On
require valid-user
</Directory>
This config uses the following table in the database "users":
CREATE TABLE user_info (
user_name CHAR(30) NOT NULL,
user_passwd CHAR(20) NOT NULL,
[ any other fields if needed ]
PRIMARY KEY (user)
)
Save your file and check it with apachectl configtest; if that works out, then restart your server by typing sudo apachectl restart.
Mac OS X Hints
http://hints.macworld.com/article.php?story=20040929231757869