Jump to content


Photo

How can i make users not able to view files directly


  • Please log in to reply
6 replies to this topic

#1 Demonic

Demonic
  • Members
  • PipPipPip
  • Advanced Member
  • 562 posts

Posted 01 September 2006 - 09:06 PM

Problem: I got files that you can just go to the file and view it and do anything to it
Question: How can i make it so I Can tell a user that they cant view that page unless thier viewing it in the admin control panel.

More like this: AdminCP has Frames and includes files so your on the same page the whole time admincp.php and you can access files that way,but how can i make it so its only viewable threw the admincp.php file and not allowed to be viewed any other way(even if they know the direct link kinda like IPB has)

#2 Gruzin

Gruzin
  • Members
  • PipPipPip
  • Advanced Member
  • 448 posts
  • LocationGeorgia

Posted 01 September 2006 - 09:23 PM

Think u have to use sessions...
I don't need your script, I'll try to write it myself

#3 Demonic

Demonic
  • Members
  • PipPipPip
  • Advanced Member
  • 562 posts

Posted 02 September 2006 - 01:46 AM

bump

#4 Demonic

Demonic
  • Members
  • PipPipPip
  • Advanced Member
  • 562 posts

Posted 02 September 2006 - 02:49 AM

Sorry,but you didn't meet my needs maybe you didn't understand my question.

I Ment say if a user is going to a site and hes at the page bam.php
and bam.php is in the users address bar right? Yeah now say i don't want no one to be able to view that page directly like if their on blah.com/bam.php they can view it but say if their in the admincp and I have a frame that includes the bam.php file and is now availible to view since you are not viewing the page directly and not going straight to the link instead you are viewing bam.php from admin.php page. Understand me? Best I could explain.

And as you can see I dont need a register script?Hence my bulletin board in my sig.

#5 .josh

.josh
  • Staff Alumni
  • .josh
  • 14,871 posts

Posted 02 September 2006 - 03:17 AM

well this is just a random thought: how about creating a token on admin.php and passing that var to bam.php and then bam.php checking for the token and if it is right. if it is not, then obviously the page was not accessed by admin.php. 

or check http_referer on bam.php to see if the refering page was admin.php, depending on you setup your script. 
Did I help you? Feeling generous? Buy me lunch! 
Please, take the time and do some research and find out how much it would have cost you to get your help from a decent paid-for source. A "roll-of-the-dice" freelancer will charge you $5-$15/hr. A decent entry level freelancer will charge you around $15-30/hr. A professional will charge you anywhere from $50-$100/hr. An agency will charge anywhere from $100-$250/hr. Think about all this when soliciting for help here. Think about how much money you are making from the work you are asking for help on. No, we do not expect you to pay for the help given here, but donating a few bucks is a fraction of the cost of what you would have paid, shows your appreciation, helps motivate people to keep offering help without the pricetag, and helps make this a higher quality free-help community :)

#6 Demonic

Demonic
  • Members
  • PipPipPip
  • Advanced Member
  • 562 posts

Posted 02 September 2006 - 03:34 AM

if you think about it :) that might work ;).

<?php
$link = "http://mysite.com/admincp.php";
if($_SERVER['HTTP_REFERER'] ==$link){
echo $_SERVER['HTTP_REFERER'];
}else{
echo "False";
}
?>

I did me a little test. Works. Of Course link doesn' work above.

#7 .josh

.josh
  • Staff Alumni
  • .josh
  • 14,871 posts

Posted 02 September 2006 - 03:41 AM

you mean if YOU think about it? anyways... your welcome.
Did I help you? Feeling generous? Buy me lunch! 
Please, take the time and do some research and find out how much it would have cost you to get your help from a decent paid-for source. A "roll-of-the-dice" freelancer will charge you $5-$15/hr. A decent entry level freelancer will charge you around $15-30/hr. A professional will charge you anywhere from $50-$100/hr. An agency will charge anywhere from $100-$250/hr. Think about all this when soliciting for help here. Think about how much money you are making from the work you are asking for help on. No, we do not expect you to pay for the help given here, but donating a few bucks is a fraction of the cost of what you would have paid, shows your appreciation, helps motivate people to keep offering help without the pricetag, and helps make this a higher quality free-help community :)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users