Need Help with protecting directories

[gordonmc]

I am used to using htaccess to protect directories.

 

I am now trying to build a membership site using PHP and I have found that all directories are visible by typing in the direct URL:

example: www.my_website.com/download

example: www.my_website.com/db

 

These directories are all in the (example) http://www.my_website.com/members and when the URL is typed or clicked it takes you to the the main index page and you have the option to register or login. Once logged in you can navigate to the page for your level of membership and download the zip.file.

 

Problem that I found is you can type in the direct URL

example:www.my_website.com/members/download and access all zip.files

 

How do I protect these  directories from public view

and still allow access for members that are logged in with out using .htacces?

 

 

[TRI0N]

Out this on the inside of the .htaccess of your members dir.  It will not allowing listing of directories or its sub-directories.

 

Better yet toss it in the root of the website itself .htaccess

 

 

Options -Indexes

[gordonmc]

I don't quit follow what you are saying .

 

Out this on the inside of the .htaccess of your members dir.

What do you mean?

I don't have a .htaccess for that directory.

 

I have been working with PHP for about 2 wks now and have figured out most of it but I don't understand what you are saying.

[TRI0N]

Well your first post says... (My error was Out should have been Put This In...)

 

"

I am used to using htaccess to protect directories.

 

I saying to create a .htaccess or open the ones you are using and put what I typed above into that file and save it.  users will not be able to browse those dir you were talking about.  Place the .htaccess in the members folder or in the root.  This will keep it so they have to be logged or view directories via PHP scripts.