Skip site navigation (1) Skip section navigation (2)

Re: Re: Secure pages

From: Michael Fork <mfork(at)toledolink(dot)com>
To: Timothy_Maguire(at)hartehanks(dot)com
Cc: Paul Joseph McGee <mcgee(at)student(dot)cs(dot)ucc(dot)ie>, pgsql-php(at)postgresql(dot)org
Subject: Re: Re: Secure pages
Date: 2001-03-13 19:18:29
Message-ID: Pine.BSI.4.21.0103131413060.13558-100000@glass.toledolink.com (view raw or flat)
Thread:
Lists: pgsql-php
The easiest way in PHP that I have found is to create a file called
validate.php containing the following:

<?
  if ($HTTP_COOKIE_VARS["MyCookie"] != 'Some Value') {
    header("Location: http://my.company.com/login");
  }
?>

and, after the user has logged in, set a cookie.  Then, for each page that
should be for a logged-in user only, just include the validate.php file.

Michael Fork - CCNA - MCP - A+
Network Support - Toledo Internet Access - Toledo Ohio

On Tue, 13 Mar 2001 Timothy_Maguire(at)hartehanks(dot)com wrote:

> 
> if you are using apache web server you can try the .htaccess method.  I am
> not too familar with it.  I am trying to learn it myself, but from what i
> gather, you put a file called .htaccess in the dir where your web page is.
> the .htaccess file contains a path to the a file where all the user names
> and passwords are stored.  whenever this dir is accessed, a window pops up
> asking for a user id and password.
> 
> If anyone has more info on this, please pass it on.  I am looking into
> using this as well.  What i am looking to do is create a web based ftp
> application.  Where users log into a web screen and can ftp files to the
> server into a certain directory own by them.  I am storing the file paths
> and descriptions in a postgresql db and using php for the ftp process.  Can
> I use .htaccess with this?  Can I have someone log into the web page using
> .htaccess and passing their user id and password into a cookie or variable
> so i will know who they are and they don't have to re-type this when they
> ftp the file.
> 
> Any help would be great.
> Thanks,
> Tim.
> 
> 
> 
> 
> Paul Joseph McGee <mcgee(at)student(dot)cs(dot)ucc(dot)ie>@postgresql.org on 03/13/2001
> 12:20:57 PM
> 
> Sent by:  pgsql-php-owner(at)postgresql(dot)org
> 
> 
> To:   pgsql-php(at)postgresql(dot)org
> cc:
> 
> Subject:  Secure pages
> 
> 
> Hi everybody,
> i have a user login authentication sysytem on my machine here where users
> may view pages but to do other things the user must login. the login
> scripts seem to work ok and are based on a "Secure Authentication System"
> from www.phpbuilder.com. Basically the page where i want people to arrive
> at upon logging in is at present viewable by anyone who puts the proper
> url into their browser. how do i keep this and other pages secure from
> people who havent logged in?
> Thanks,
> Paul
> 


In response to

Responses

pgsql-php by date

Next:From: David OlbersenDate: 2001-03-13 19:24:03
Subject: Re: Re: Secure pages
Previous:From: Dan WilsonDate: 2001-03-13 18:45:53
Subject: Re: Re: Secure pages

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group