Page 1 of 1

Restricting file types/folders?

Posted: Thu Oct 20, 2005 6:27 pm
by sh0ck
Hey,

I am in the process of setting up a login system in PHP. I would prefer that this system be setup in PHP rather than simply creating a .htaccess/pw file(s) because of the flexibility of PHP. I also plan on integrating many features, so in a sense PHP is necessary. I also plan on using the database for other applications.

My question is this . . .

How can I restrict access to certain folders that can only be viewed when the user has been logged in via the PHP login system?

For instance, lets say I have several protoype logos for a company that I only want to be visible by that company. Lets say the login redirects you to /client.php, where the logos are displayed. The images are located in the /images/clients/ folder. Is it possible for me to have these images only be displayed if the user has logged in? I am trying to avoid the possibility of one giving out a direct link to the files, so rather than logging in to view them, one could simply type the full URL and go directly to the images.

I hope I have made myself clear, and I thank you in advance

Posted: Thu Oct 20, 2005 6:34 pm
by feyd
use an .htaccess in the folder with a "Deny from all" then write your scripts that can read the files as an interface to the folder.

Posted: Sat Oct 22, 2005 3:35 pm
by sh0ck
thanks for the reply

would you mind explaining this process more indebth?

although i understand what you are suggesting for the most part, i am not quite sure where to begin because i have never written a script like this

if you could point me in the right direction, that would be great

thanks feyd

Posted: Sat Oct 22, 2005 4:16 pm
by feyd
You'd basically be just building a downloader script. The script finds the files available in the directory, filtering out which ever files you and it deem "hidden" from users, and providing the actual downloading services.. at least, that's how I build them.