Jump to content

[SOLVED] Restrict user from certain files

SirChick

By SirChick
in PHP Coding Help

 Share

Recommended Posts

SirChick Advanced Member

SirChick

Posted
Posted

I was wondering.. say you have a number of scripts in one folder named "city1" then others in "city2" is there a way to not allow the user to view any city2 pages unless according to php validation it was ok to do so ? Basically cos i don't want users to be able to view both cities by just changing the url from one to the other i need to stop them doing it.. how is it done?

Link to comment
https://forums.phpfreaks.com/topic/75141-solved-restrict-user-from-certain-files/
Share on other sites
trq Prolific Member

trq

Posted
Posted

You can't block an entire directory using php, though you can using .htaccess. have you already got a login system in place? Its easy to lock certain files via a session based login system. eg;

 

<?php

  session_start();
  if ($_SESSION['userlevel'] < 3) {
    die();
  }

?>

SirChick Advanced Member

SirChick

Posted
  • Author
Posted

Well the idea was like if the user was in CityID 1 then he/she could only view the pages that are related to City ID 1... and what i was thinking was to sort each city's php files in different folders and then shut the user out and redirect them to the correct city that way...

 

but theres many cities you see..so i gotta make sure i close them all up and its very hard to without hours of hours of testing of which some times the sequence needed to check if the page is secure may never arise for months before finding out if users can still access the page..

teng84 Member

teng84

Posted
Posted

better to have db for that store all the cities in your db and once the user log in to your site

do some checking

sample if NY id ==1

 

tengs account is only 1 so teng can only view pages who's account code is 1

 

ao in every page you will have an account checking 

<?php

  session_start();
  if ($_SESSION['userlevel'] < 1) {
    die();
  }

?>

SirChick Advanced Member

SirChick

Posted
  • Author
Posted

yeh thats my current method but i still have to manually go to each page and put in the script to do that check don't i ? given my hundreads of pages... it will be a nightmare to do :P

 

This was why i asked if my idea would work as it would save me time hehe

teng84 Member

teng84

Posted
Posted

for sure on each page you have the same include file right eg.. account, access level

 

if so you can just add simple script on that single page to hold every other page :D

 

well if you don't have then its gonna be a problem and lesson i'd say  :D

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.