| From: | Michael Fork <mfork(at)toledolink(dot)com> |
|---|---|
| To: | Timothy_Maguire(at)hartehanks(dot)com |
| Cc: | Paul Joseph McGee <mcgee(at)student(dot)cs(dot)ucc(dot)ie>, pgsql-php(at)postgresql(dot)org |
| Subject: | Re: Re: Secure pages |
| Date: | 2001-03-13 19:18:29 |
| Message-ID: | Pine.BSI.4.21.0103131413060.13558-100000@glass.toledolink.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-php |
The easiest way in PHP that I have found is to create a file called
validate.php containing the following:
<?
if ($HTTP_COOKIE_VARS["MyCookie"] != 'Some Value') {
header("Location: http://my.company.com/login");
}
?>
and, after the user has logged in, set a cookie. Then, for each page that
should be for a logged-in user only, just include the validate.php file.
Michael Fork - CCNA - MCP - A+
Network Support - Toledo Internet Access - Toledo Ohio
On Tue, 13 Mar 2001 Timothy_Maguire(at)hartehanks(dot)com wrote:
>
> if you are using apache web server you can try the .htaccess method. I am
> not too familar with it. I am trying to learn it myself, but from what i
> gather, you put a file called .htaccess in the dir where your web page is.
> the .htaccess file contains a path to the a file where all the user names
> and passwords are stored. whenever this dir is accessed, a window pops up
> asking for a user id and password.
>
> If anyone has more info on this, please pass it on. I am looking into
> using this as well. What i am looking to do is create a web based ftp
> application. Where users log into a web screen and can ftp files to the
> server into a certain directory own by them. I am storing the file paths
> and descriptions in a postgresql db and using php for the ftp process. Can
> I use .htaccess with this? Can I have someone log into the web page using
> .htaccess and passing their user id and password into a cookie or variable
> so i will know who they are and they don't have to re-type this when they
> ftp the file.
>
> Any help would be great.
> Thanks,
> Tim.
>
>
>
>
> Paul Joseph McGee <mcgee(at)student(dot)cs(dot)ucc(dot)ie>@postgresql.org on 03/13/2001
> 12:20:57 PM
>
> Sent by: pgsql-php-owner(at)postgresql(dot)org
>
>
> To: pgsql-php(at)postgresql(dot)org
> cc:
>
> Subject: Secure pages
>
>
> Hi everybody,
> i have a user login authentication sysytem on my machine here where users
> may view pages but to do other things the user must login. the login
> scripts seem to work ok and are based on a "Secure Authentication System"
> from www.phpbuilder.com. Basically the page where i want people to arrive
> at upon logging in is at present viewable by anyone who puts the proper
> url into their browser. how do i keep this and other pages secure from
> people who havent logged in?
> Thanks,
> Paul
>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | David Olbersen | 2001-03-13 19:24:03 | Re: Re: Secure pages |
| Previous Message | Dan Wilson | 2001-03-13 18:45:53 | Re: Re: Secure pages |