How do I use PHP to password-protect my directory files?

Ask about general coding issues or problems here.

Moderators: macek, egami, gesf

Jay

Postby Jay » Sat Oct 12, 2002 3:32 am

Do a search in the manual for HTTP authentication. It's chapter 18 I think. It'll describe how to use the Apache module for a password box. Simply modify the script for your own purposes and insert it in every page you want to protect

Serg4444
New php-forum User
New php-forum User
Posts: 8
Joined: Fri Sep 27, 2002 4:01 am

Postby Serg4444 » Wed Oct 16, 2002 11:28 pm

It's simple:
Your link for download must go on another PHP page, where you check cookies - if($variable=="value"){your page with real links to download}
else{include("login.htm");}

Sincerely,
Sergey Booyny
AlarIT programmer
http://www.AlarIT.com

DoppyNL

Postby DoppyNL » Wed Oct 16, 2002 11:50 pm

Serg4444 wrote:It's simple:
Your link for download must go on another PHP page, where you check cookies - if($variable=="value"){your page with real links to download}
else{include("login.htm");}

But someone could copy those links and then send it to someone else (who has no acces) and he can then download those files, as PyRoMaTrX allready mentioned in his post.

Greetz Daan

Cogen
New php-forum User
New php-forum User
Posts: 4
Joined: Sat Oct 12, 2002 7:15 pm

Postby Cogen » Thu Oct 17, 2002 10:19 am

How about starting a session and setting some kind of login session variable when the user logs in correctly. On all pages that require passwords, check to see if the session variable is set. If it's not, direct them to the loggin page. I think this is similar to Serg4444's method, however I don't see why it couldn't work if you use session variables.

DoppyNL

Postby DoppyNL » Thu Oct 17, 2002 10:22 am

Cogen wrote:How about starting a session and setting some kind of login session variable when the user logs in correctly. On all pages that require passwords, check to see if the session variable is set. If it's not, direct them to the loggin page. I think this is similar to Serg4444's method, however I don't see why it couldn't work if you use session variables.

See the first post in this topic.
The problem is/was to prevent users form downloading files (non php-files) wich they don't have acces to.

Cogen's method will work when you want to prevent acces to certain pages, I use the method on my site!
It only doesn't work for other files.

Greetz Daan

Cogen
New php-forum User
New php-forum User
Posts: 4
Joined: Sat Oct 12, 2002 7:15 pm

Postby Cogen » Thu Oct 17, 2002 10:33 am

:( Sorry. I guess that doesn't solve the problem does it.


Return to “PHP coding => General”

Who is online

Users browsing this forum: No registered users and 3 guests

cron