Directory access.

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
murlopaz
Forum Commoner
Posts: 60
Joined: Wed Oct 11, 2006 5:02 pm
Location: Baltimore, MD, USA

Directory access.

Post by murlopaz »

Hi everybody,
I figured out how to authenticate users through ldap.
Now, if the user authenticated successfully I have to give him access
to certain folders on the web server (apache) based on the group they belong to.
How do I accomplish this?
Thanks a lot!
User avatar
dude81
Forum Regular
Posts: 509
Joined: Mon Aug 29, 2005 6:26 am
Location: Pearls City

Post by dude81 »

There is beautiful project on sourceforge on access layers
phpGACL.
But it will be somewhat difficult to understand.
murlopaz
Forum Commoner
Posts: 60
Joined: Wed Oct 11, 2006 5:02 pm
Location: Baltimore, MD, USA

Post by murlopaz »

well the main problem is:
after I check the username and password I don't know what to do.
My understanding would be that I should redirect the user to the secure directory... on the web server.
But how do I deny access to that folder if the user tries to access it directly?
User avatar
dude81
Forum Regular
Posts: 509
Joined: Mon Aug 29, 2005 6:26 am
Location: Pearls City

Post by dude81 »

Put this in the index file of that directory

Code: Select all

if($_SERVER['HTTP_REFERER'] !='yourauthentication.php'){
echo "Your Access denied";
}else{
//the other code;

}
or simply write a rule in your .htaccess a deny rule for that directory by anybody
Post Reply