perficut Posted August 29, 2007 Share Posted August 29, 2007 I'm finding out that htaccess, while a decent way to secure a directory and its contents is not very programmer flexible. I was wondering how you could go about securing the contents of a directory by using php and mysql. Quote Link to comment Share on other sites More sharing options...
schme16 Posted August 29, 2007 Share Posted August 29, 2007 personally I use the header function, in a way like this: <?php if($logged_user['user_level']!='administrator') { header("Location: http://my-site/index.php"); } ?> or something like that... hope this helps! Quote Link to comment Share on other sites More sharing options...
perficut Posted August 30, 2007 Author Share Posted August 30, 2007 Im not familiar with this but will look into it more. Can you explain how to use this and what requirements/limitations it may have. Quote Link to comment Share on other sites More sharing options...
phpSensei Posted August 30, 2007 Share Posted August 30, 2007 Try it with ip address.... <?php if($_SERVER['REMOTE_ADDR']!="YOUR IP ADDRESS"){ die("You do not have access do this page!"); } else { ///////////////////Content of the page } ?> Quote Link to comment Share on other sites More sharing options...
Jessica Posted August 30, 2007 Share Posted August 30, 2007 You could, but it's a bit complicated. There are some tutorials on here about user login systems. Quote Link to comment Share on other sites More sharing options...
phpSensei Posted August 30, 2007 Share Posted August 30, 2007 Yeah... OR!!!!! PART 1 <?php function session_admin(){ if(!isset($_SESSION['administrator'])){ if($_SERVER['REMOTE_ADDR']=="YOUR IP ADDRESS"){ $_SESSION['administrator']==$_SERVER['REMOTE_ADDR']; } } } ?> PART 2 <?php function check_session(){ if(isset($_SESSION['administrator'])){ /*Show the content of this page*/ } else { /*Knowing the session, or the webmaster is not online, we do not let outsiders enter this page*/ die("TSK TSK TSK, stop being so sneaky"); } } ?> Quote Link to comment Share on other sites More sharing options...
trq Posted August 30, 2007 Share Posted August 30, 2007 None of the above solutions secure a directory. Without .htaccess, the only way to secure a directory would be to move it outside of your web root so it is unreachable. Quote Link to comment Share on other sites More sharing options...
phpSensei Posted August 30, 2007 Share Posted August 30, 2007 I know, but I was just thinking more like webpages... Quote Link to comment Share on other sites More sharing options...
perficut Posted August 30, 2007 Author Share Posted August 30, 2007 IF i could get rid of this annoying problem with htaccess I would consider keeping it. If the wrong login ingo is entered 3 times, it directs you to my custom 'access not granted' page. Problem is, about 1/3 the page loads, then the popup returns. Hit cancel, you might get one or two more pieces of the page to load, then the popup returns. Keeps doing this until the page completely load (maybe 100 times). This redirect page is located in my root directory, not the secured directory. Any ideas? Quote Link to comment Share on other sites More sharing options...
Jessica Posted August 30, 2007 Share Posted August 30, 2007 Weird... Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.