mattsutton Posted May 23, 2006 Share Posted May 23, 2006 hi, I am building a site where the admin user can create new users in the database.When the admin user creates a user, the details are sent to the database, a new folder is created on the server with that user name *mkdir(.../.../.../$username) etc,an email is sent to the user containing a link to that folder, which contains an index page which shows the contents of that folder.BUT, can someone help me on how i password protect (automatically) that folder so that only the username and password for that folder can see the index page.... Thanks,Matt. Quote Link to comment https://forums.phpfreaks.com/topic/10245-password-protection-for-specific-pages-and-folders/ Share on other sites More sharing options...
448191 Posted May 23, 2006 Share Posted May 23, 2006 That depends. When you say you show an index page, do you mean you've created an index page which shows the contents of the folder or do you mean the index page created by the server when there's no custom indexpage (like index.php or index.html)?In the last case you could setup .htacces, howerver this would be a readonly solution. In the first case just use the login system you've already got in place.This is an odd question... [img src=\"style_emoticons/[#EMO_DIR#]/unsure.gif\" style=\"vertical-align:middle\" emoid=\":unsure:\" border=\"0\" alt=\"unsure.gif\" /] Quote Link to comment https://forums.phpfreaks.com/topic/10245-password-protection-for-specific-pages-and-folders/#findComment-38180 Share on other sites More sharing options...
mattsutton Posted May 23, 2006 Author Share Posted May 23, 2006 Hi, Thanks for your reply.Basically the index page is a php page called index, which has a php script inside it which displays the contents of any folder that the page is placed in. (e.g. list of word documents in that folder, pdf's etc)Let me explain what im doing.Im building a site for a company that examine and certify lifting equipment. The guy wants to upload certificates in word format via ftp to his customers individual folders, so they can download them to save paper and postage.heres how it should work.user is created --> username, company name, password etc stored in database --> email containing link to the folder that has just been created and login details are emailed to customer --> customer clicks link --> ENTERS USERNAME AND PASSWORD --> index page displayed. (list of word documents is displayed which they can download)basically what i need is:for each new folder to only be accessable using the username and password supplied for that specific folder.Everything else is done, its just password protecting folders that have been created when a new user is addedthat is giving me a headache.Sorry, i expect thats just as confusing as the first post! Quote Link to comment https://forums.phpfreaks.com/topic/10245-password-protection-for-specific-pages-and-folders/#findComment-38181 Share on other sites More sharing options...
448191 Posted May 23, 2006 Share Posted May 23, 2006 [!--quoteo(post=376270:date=May 23 2006, 04:55 AM:name=redspider)--][div class=\'quotetop\']QUOTE(redspider @ May 23 2006, 04:55 AM) [snapback]376270[/snapback][/div][div class=\'quotemain\'][!--quotec--]Sorry, i expect thats just as confusing as the first post![/quote]Not really, I think I understand what you're getting at. You can limit permissions to the files to local scripts, no biggie. But how to pass it from the script to the user... Here's a thought:Direct the hyperlinks to a script that outputs the content of a file. You may have to set the content-type of the output to make the browser believe it's acessing a word document.How exactly to do this? I don't know (yet). Is it possible? I think so. Quote Link to comment https://forums.phpfreaks.com/topic/10245-password-protection-for-specific-pages-and-folders/#findComment-38195 Share on other sites More sharing options...
448191 Posted May 23, 2006 Share Posted May 23, 2006 This might just work:in [b]index.php:[/b][code]echo '<a href="loadfile.php?filepath='.$file.'>'.$filename.'</a>';[/code][b]loadfile.php[/b][code]<?phpheader("Content-type: application/msword");$file = file($_GET['filepath']);foreach($file as $fileline){ echo $fileline;}?>[/code] Quote Link to comment https://forums.phpfreaks.com/topic/10245-password-protection-for-specific-pages-and-folders/#findComment-38200 Share on other sites More sharing options...
448191 Posted May 23, 2006 Share Posted May 23, 2006 Please let me know how this worked out. Quote Link to comment https://forums.phpfreaks.com/topic/10245-password-protection-for-specific-pages-and-folders/#findComment-38207 Share on other sites More sharing options...
mattsutton Posted May 23, 2006 Author Share Posted May 23, 2006 thanks for that, i will have a play around and let you know how i get on Quote Link to comment https://forums.phpfreaks.com/topic/10245-password-protection-for-specific-pages-and-folders/#findComment-38213 Share on other sites More sharing options...
448191 Posted May 23, 2006 Share Posted May 23, 2006 Correction:[b]loadfile.php[/b][code]<?phpif($_SESSION['user'] == $appropiateUser){ header("Content-type: application/msword"); header('Content-Disposition: attachment; filename="'.$_GET['file'].'"'); readfile($_GET['file']);}?>[/code]Disallow external access to the docs by placing them in a subdir and putting in that dir a htacces file containing "Deny from all"...Now one can only access the file if logged in. Anyone else would just see a blank page.Just to be sure, set file permissions on the docs to "user" (I guess that only makes sense if you're using cpanel or something similar). Quote Link to comment https://forums.phpfreaks.com/topic/10245-password-protection-for-specific-pages-and-folders/#findComment-38294 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.