htaccess question --
 

More htaccess questions.

Here's the htaccess I'm using to protect my members area:
AuthUserFile /usr/local/apache/www/chriss/chezchris.ca/data/.htpasswd
AuthName MEMBERS
AuthType Basic

<Limit GET POST>
require valid-user
</Limit>

I want to be able to offer a "tiered" membership option allowing access to more withing my membership area for more money. So I need to protect directories separately. With the file listed above does anyone know if I can add some lines in??? I'd try it on my server but I don't want to mess with my present customers and accidently block them out. I'd basically be adding separate data locations for the password files to different directories. So does anyong know if I can do this --

AuthUserFile /usr/local/apache/www/chriss/chezchris.ca/data/.htpasswd
AuthUserFile /usr/local/apache/www/chriss/chezchris.ca/vdata/.htpasswd
AuthUserFile /usr/local/apache/www/chriss/chezchris.ca/data1/.htpasswd
AuthUserFile /usr/local/apache/www/chriss/chezchris.ca/data2/.htpasswd
AuthUserFile /usr/local/apache/www/chriss/chezchris.ca/data#/.htpasswd
AuthName MEMBERS
AuthType Basic

<Limit GET POST>
require valid-user
</Limit>


:helpme

:( :helpme

Well you seem to be hurting here... so I ran through the
mod_auth source code. (I assume you are using Apache)

Nope, mod_auth only supports 1 password file per directory
declaration.

It is trivial to extent this, but if you think about what you're
doing this isn't the way you want to it. By doing it at root, you've
given even the most basic user access all the way down the tree.
Rewriting the entire authentication method to work backwards,
would NOT be trivial.


You might want to look at grouping and using that to restrict
further down the tree.

I know there are scripts/API's that will use a DB for auth instead of the user/password files that htaccess normally queries. Below is a link to a great resource board. Good luck

http://forums.devshed.com/