I have a a PHP project that requires an admin page that will allow the customer to create a folder that corresponds to a job number and assign a custom username/password for that folder. There will then be another page their customers use to log into that folder and upload/download files. What’s the best way to handle the authentication? My first thought was to put the username and password in a text file inside the folder and prevent the server from serving the page using .htaccess. I’m trying to avoid touching a database for the project as I want to keep it cheap and simple. Does anyone have any better suggestions on how to handle this? FYI, this isn’t a high security application. I doubt the customer will even spring for an SSL certificate.