Board index   FAQ   Search  
Register  Login
Board index php forum :: php coding PHP coding => General

How do I use PHP to password-protect my directory files?

Ask about general coding issues or problems here.

Moderators: macek, egami, gesf

Postby Jay » Sat Oct 12, 2002 3:32 am

Do a search in the manual for HTTP authentication. It's chapter 18 I think. It'll describe how to use the Apache module for a password box. Simply modify the script for your own purposes and insert it in every page you want to protect
Jay
 

Postby Serg4444 » Wed Oct 16, 2002 11:28 pm

It's simple:
Your link for download must go on another PHP page, where you check cookies - if($variable=="value"){your page with real links to download}
else{include("login.htm");}

Sincerely,
Sergey Booyny
AlarIT programmer
http://www.AlarIT.com
Serg4444
New php-forum User
New php-forum User
 
Posts: 8
Joined: Fri Sep 27, 2002 4:01 am

Postby DoppyNL » Wed Oct 16, 2002 11:50 pm

Serg4444 wrote:It's simple:
Your link for download must go on another PHP page, where you check cookies - if($variable=="value"){your page with real links to download}
else{include("login.htm");}

But someone could copy those links and then send it to someone else (who has no acces) and he can then download those files, as PyRoMaTrX allready mentioned in his post.

Greetz Daan
DoppyNL
 

Postby Cogen » Thu Oct 17, 2002 10:19 am

How about starting a session and setting some kind of login session variable when the user logs in correctly. On all pages that require passwords, check to see if the session variable is set. If it's not, direct them to the loggin page. I think this is similar to Serg4444's method, however I don't see why it couldn't work if you use session variables.
Cogen
New php-forum User
New php-forum User
 
Posts: 4
Joined: Sat Oct 12, 2002 7:15 pm

Postby DoppyNL » Thu Oct 17, 2002 10:22 am

Cogen wrote:How about starting a session and setting some kind of login session variable when the user logs in correctly. On all pages that require passwords, check to see if the session variable is set. If it's not, direct them to the loggin page. I think this is similar to Serg4444's method, however I don't see why it couldn't work if you use session variables.

See the first post in this topic.
The problem is/was to prevent users form downloading files (non php-files) wich they don't have acces to.

Cogen's method will work when you want to prevent acces to certain pages, I use the method on my site!
It only doesn't work for other files.

Greetz Daan
DoppyNL
 

Postby Cogen » Thu Oct 17, 2002 10:33 am

:( Sorry. I guess that doesn't solve the problem does it.
Cogen
New php-forum User
New php-forum User
 
Posts: 4
Joined: Sat Oct 12, 2002 7:15 pm


Return to PHP coding => General

Who is online

Users browsing this forum: Google [Bot] and 3 guests

Sponsored by Sitebuilder Web hosting and Traduzioni Italiano Rumeno and antispam for cPanel.

cron