Hi, Thanks for your reply, sorry I should have been a little clearer in my explanation. Here goes...
I have a dedicated UNIX server with many websites on it. On this server I have also created a Content Management System which has a database which I use to store HTML content for all the other websites. Each website has a database connection to the CMS database to retrieve the HTML for its pages. Each website that uses its own database has a folder called /cms and in here I keep all the database admin scripts for that website. I want these pages to only be accessible from within the CMS website and nothing else. So when the user is in the CMS they can click on database admin and it will include the pages in that websites /cms folder. My Question is how can I ensure that the CMS is the only website that can access these scripts securely? Thanks for your advice. ""Weber Sites LTD"" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > I'm not sure I understand what you are trying to do. > What is the connection between frames and security? > > In general, assuming that all users have access to > The same scripts, you need to include in all of your > Scripts some kind of security logic that tells the > Script which user can do what. > > Usually you would want to also allow group access > Rather then user access for easier maintenance. > > You should keep a user table with user, password > And privileges. There are endless ways to do this > And you need to choose what is best for your site. > > Have a look at some relevant code examples: > http://www.weberdev.com/AdvancedSearch.php?searchtype=title&search=auth > > berber > > -----Original Message----- > From: Shaun [mailto:[EMAIL PROTECTED] > Sent: Monday, April 17, 2006 12:46 PM > To: php-general@lists.php.net > Subject: [PHP] Including files from another site > > Hi, > > I have created a CMS where all sites on our server are administrated from > one central site, and HTML content is stored in the CMS database. > > I want users to all control their sites database functions from the CMS > site, but I want to keep the database and database admin scripts in the > individual website account to keep things simple. So I need want to be > able > to include these scripts within the CMS site but keep them secure. I have > tried using frames but I can't keep a session going in the database admin > scripts, is there a better way to do this? > > Any advice would be greatly appreciated. > > -- > PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: > http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
