All of my PHP files are secured by session checks, but I've found a possible security problem and am looking for ideas of how to fix it.
Several of my PHP pages are custom built by the end user dropping files into a directory (write access to this directory is restricted).
My PHP code recursively walks through the directory and builds links to all of the files there. It also strips the extension. The users give the files logical names so the links look good.
For example, if they put "How to Fish.docx" into the subdirectory "Fishing" the end HTML code, generated by PHP will look something like this:
<h3>Fishing</h3> <a href="How%20to%20Fish.docx" target="_blank">How to Fish</a><br>
The security problem is that they can now make a direct link to the "How to Fish" document and save it as a favorite and bypass all security checking done by the PHP pages.
Is it possible to write some type of "trigger" code that will launch the PHP login page whenever a user tries to access a page in a certain directory? I've seen web sites that do this, but am not quite sure how.
Is there another, simpler solution? Thanks!
Edited by sf_guy, 17 May 2013 - 04:51 PM.