protecting directories using php mysql login system

Need help installing PHP, configuring a script, or configuring a server? Then come on in and post your questions! We'll try to help the best we can!

Moderator: General Moderators

Post Reply
imti
Forum Newbie
Posts: 1
Joined: Wed Sep 27, 2006 4:23 pm

protecting directories using php mysql login system

Post by imti »

I have an application with its own login system based on mysql... I have some more files that i need to post in a sub-directory that i want to control using teh same login. Its running apache with PHP and mySQL on linux...

I have tried using .htacccess, but get the ugly windows login dialog box,, Can i use an external login system and protect both my application (open source - so easy to customize) and the extra directory content with same login system.

thanks in advance
User avatar
ibbo
Forum Commoner
Posts: 51
Joined: Tue Sep 19, 2006 6:20 am

Post by ibbo »

I have a privs section of my user table

Code: Select all

CREATE TABLE `user_details` (
  username varchar(32) NOT NULL default '',
  name varchar(40) NOT NULL default '',
  email varchar(128) NOT NULL default '',
  password varchar(32) NOT NULL default '',
  privs smallint(3) NOT NULL default '0',
  active smallint(2) NOT NULL default '0',
  PRIMARY KEY  (`username`),
  UNIQUE KEY `Email` (`email`)
)
When they login you can pass various info from this table into the session LIKE privs for example or $_session['user'] = $row.

Then in your php you simple check for

Code: Select all

isset($_SESSION['user']['privs']) == 500) ? parse('content') : header("/errors/?mode=forbidden");
ibbo
Post Reply