redirect after login (pass variable to PHP?)

[gin]

Apologies if I'm posting in the wrong forum.

 

I have a PHP client area, where users log in and see files in their own folder only. This works dandy.

 

If the users click on a direct link to one of the folders or files in their folder, it should request the log in, then proceed to the aforementioned folder or file. Unfortunately, this does not quite work. After log in, users see the top level of their folder, as if they'd logged in normally.

 

I get that I should be passing variables into the PHP script somehow, but I'm at a loss how. Please advise.

 

My htaccess is as follows:

<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^http://(www\.)?mysite\.com [NC]
RewriteRule ^(.*)$ http://mysite.com/login.php [R,L]
</IfModule>

 

I'm not sure it it's relevant, but my file layout is as below:

Client Area (login.php)
   |-- Data   (htaccess)
        |-- client1   (client's files are in these folders)
        |-- client2

[trq]

After log in, users see the top level of their folder, as if they'd logged in normally.

 

It's comments like this that make your post unclear.

[gin]

Let's say a user goes to http://mysite.com/clients/login.php

After they login, they'll see an interface showing whatever files/folders they have.

 

However, if they click on a link: http//mysite.com/clients/data/client1/folder1/file1.txt

They should see a login page, then after login, the file1.txt should display.

 

However, the htaccess just redirects to the login page, so after they login, they see the default interface. As if they logged in normally.

 

I'd like help changing the redirect to somehow pass the "client1/folder1/file1.txt" part of the link to the PHP script.

[cags]

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^http://(www\.)?mysite\.com [NC]
RewriteRule ^(.*)$ http://mysite.com/login.php?original_request=$1 [R,L]

[ManiacDan]

So you're requiring a login on every single click?  Why?  What possible security can that afford?  Aren't people going to be pissed off at having to type a password every time they do anything on your site?

 

[cags]

The way I understand it they don't want to have to log-in on every file access, merely that if a user attempts to access a file without being logged in, upon achieving that log-in they should be redirected to the page they originally requested, not the default 'logged in' page you might arrive at by going directly to a login page.

[gin]

The way I understand it they don't want to have to log-in on every file access, merely that if a user attempts to access a file without being logged in, upon achieving that log-in they should be redirected to the page they originally requested, not the default 'logged in' page you might arrive at by going directly to a login page.

 

Yes, correct! And thanks so much for the help! So simple