Hi all,
I have created a filemanager that gives admin the facility to create new folders and upload files to those folders. i have also got a great script that provides a user admin facility that also authenticates users using a mysql database I'm a bit stuck on how to go about preventing certain users from seeing the contents of certain directories (and files as well), such that a user logs in and he can only access those directories he has prileges for. I was thinking of using .htaccess but the server Im using doesnt support it. Could somebody point me in the right direction please.
Many Thanks
Ian
File manager how to prevent access to specific folders/files
Moderator: General Moderators
- Chris Corbyn
- Breakbeat Nuttzer
- Posts: 13098
- Joined: Wed Mar 24, 2004 7:57 am
- Location: Melbourne, Australia
From this thread: viewtopic.php?t=41522
I guess that should be server software independant.
I guess that should be server software independant.
William wrote:To put it simple $_SERVER['PHP_AUTH_USER'] is the variable of the username field and $_SERVER['PHP_AUTH_PW'] is the variable for the password field of the login popup. Now we need to make it popup the login! So we added the header("WWW-Authenticate: Basic realm="Simple Login Script""); function which sends a header telling it to basically make that popup. Now where it says Simple Login Script you put what you want the popup box to say. Now the header("HTTP/1.0 401 Unauthorized"); says that if it was unauthorized to display a 404 error. and whatever is under that is what will show when the user clicks cancel.Code: Select all
<? if($_SERVER['PHP_AUTH_USER'] == "William" && $_SERVER['PHP_AUTH_PW'] == "mypass") { echo "You are now loggedin!"; } else { header("WWW-Authenticate: Basic realm="".$login_text."""); header("HTTP/1.0 401 Unauthorized"); echo "Authorization Required."; exit; } ?>username:password