how to restrict access to directory?

[jaydeesmalls]

Hi everyone,

 

I have a part on my site that I want to restrict access to only registered users.  I have a register page and a log in page, but how do I restrict pages after that.  Currently, anyone who knows the url of the pages that I want to restrict can just type it in and access, and I want to prevent that.

 

Thank you very much for the input.

[freeloader]

Can you post your login page php source? We need to know what your session username is registered as.

 

<?
session_start();
if(!session_is_registered(myusername)){
header("location:login.php");
}
?>

 

Putting that at the top of all your files should work, providing you change myusername with your registered username variable.

 

However, this only protects certain files, if you wish to protect an entire directory, I'd look into .htaccess:

http://www.google.com/search?q=.htaccess

[jonsjava]

if it's php, you need user access restrictions on it (I use session variables to handle all that). You can find quite a few tutorials already in these forums by searching for "Sessions".  I'm more than glad to assist further, but to code it from scratch, that would take more time than I have right now (at work), but I'm sure some people here would be glad to offer some form of help.

[jaydeesmalls]

thank you.

 

I am at work now and do not have access to my source code, but I will further investigate sessions.

 

thank you again

[revraz]

Just know that sessions will just stop people from running .php pages in those directories.  If there are other things in there like .zip files, it won't stop them.  As stated above, you would need to use .htaccess for directory protection.