Page 1 of 1

Restriction problem!!

Posted: Fri Aug 17, 2007 8:28 am
by dorimi
Hi!!

I need to build a website with a login screen, hence the site is only for registered users.
I am going to use PHP for the login procedure but the rest has to be plain html webpages.

How can I prevent direct access to the html pages e.g. by typing the url to the html page ?
I have read that I can use htaccess to prevent access but I am not sure how to connect htaccess to all registered users in the database.

Any idea ?

Thank you.

Posted: Fri Aug 17, 2007 8:37 am
by superdezign
By using PHP instead of HTML. It's not a hard fix. Just convert all of the HTML pages to PHP, and add a quick line at the start that redirects them to the log in page if they don't have a validated session open.

Posted: Fri Aug 17, 2007 8:37 am
by Mordred
You can't.
Either have the registration process add users in a htpasswd file (which is quite impractical as you may guess, and has several implementation problems), or you serve the static pages from a PHP file that first checks the login status of the user. Be careful on how you print the static pages, or you may end with problems like this one: viewtopic.php?t=72504

Posted: Fri Aug 17, 2007 8:51 am
by dorimi
Thanks for the quick reply.

I will use php files instead of html files.

However there will be links within the restricted site, to PDF files which have to be accessible only to the registered users.
Any ideas how to restrict access to the PDF files only for users in the database ?

Thanks...

Posted: Fri Aug 17, 2007 9:09 am
by superdezign
dorimi wrote:Thanks for the quick reply.

I will use php files instead of html files.

However there will be links within the restricted site, to PDF files which have to be accessible only to the registered users.
Any ideas how to restrict access to the PDF files only for users in the database ?

Thanks...
Hmm. I'm not too sure why you'd need to, but I guess you could use .htaccess to block all direct access, then access it through PHP using header() and file_get_contents().