I am using PHPTAL for seperate business logic from presentation. So there
are controllers, model classes and views (HTML templates). Problem is there
views/*.html are accessible from direct calling through URL (I need to have
views in public_html for Javascript and Ajax dependencies). Is there any
common practices to protect those *.html from unauthorized users? Maybe
parsing this templates like php and at the beginning of each files have
something like that:
<?php session_start(); if (!$auth->isAuthorized) { redirect to login form
here} ?>

Is possible to do that way?

thanks a lot.
PHPTAL mailing list

Reply via email to