How to give the AuthUserFile access only for specific page?

Question

I have one page on my root folder called export.php . Now I don't want to give access to this page to all the users.

What I am trying to achieve, If any user tries to access export.php page then one alert will display and it will ask for the username and password. Once login details are correct then the page will be accessible. I tried some code on htaccess.

Now I have two issues,

1) I am getting alert on all the pages. How do I set only for the export.php page?

2) After entering the username and password I am getting a server error.

htaccess

RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^([^\.]+)$ $1.php [NC,L]


AuthType Basic
AuthName "Access to the Hidden Files"
AuthUserFile 'http://localhost:8080/example/.htpassword'
Require valid-user

Solution .

First I found the path using <?php echo $_SERVER['DOCUMENT_ROOT']; ?> <?php echo $_SERVER['DOCUMENT_ROOT']; ?>

Output: /opt/lampp/htdocs/example/

then I added path in htaccess file

SetEnvIfNoCase Request_URI /export SECURED

AuthName "Access to the Hidden Files"
AuthType Basic
AuthUserFile "/opt/lampp/htdocs/example/.htpasswd"
AuthGroupFile /
Require valid-user

Satisfy    any
Order      Allow,Deny
Allow from all
Deny from env=SECURED


RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^([^\.]+)$ $1.php [NC,L]

Answer 1

Rewrite all to router.php and then rewrite from php (small mvc for example https://github.com/breakermind/Tronix ).

Better solution, check if the user has permissions in php file:

<?php
// User field from users table (add to session when logging)
if($_SESSION['user']['allow_export'] == 9 && isIpAddressAllowedFunc($_SERVER['REMOTE_ADDR'])){
    // show content
}else{
    // Redirect or log out user
    header('Location: index.php');
    exit;
}

?>