At 14:54 14-10-01, you wrote: >Hi, all. > >Is there such a thing as a "RCEgroupname" environment variable?
http://localhost/sysadmin/reports/envt.stm Nope. >I have multiple user groups and need to check if the logged-in user >belongs to the "right" group. Probably this is not feasible since a user >*could* be in more than one group? Right. If the variable would exist it would be an array, which is as far as I know, still not available in Sambar Script. >1. I have "secret" information in a directory "/sdb". Thank you. >2. I only want to allow access for users in a group called >"feilbach-sdb". It's good practice to keep group names short, and only containing word characters, ie: the alfabet, numbers and the underscore. >3. Simply using .htaccess to restrict everything in the directory I dont >want, because: > >a) I find it too rude to pop up a login screen when clicking a link. I >want to show him *part* of the page and some note stating "if you were >registered, you could see more...". Sounds like an IFRAME is a good solution, unless the design doesn't permit it. >b) Hee hee... AND I want all the spiders in the world to SEE my pages >since they contain potentially useful information! So I cannot simply >restrict access to the directory... With my construct, spiders could see >all the product data sheets, users would go to my customer's site and be >politely reminded to register for more. Perl is the easiest solution here whether in an IFRAME or via RCC, since access to the file system is not supported directly by Sambar Script. Simply keep a file of allowed usernames, seperated by a newline and compare it to RCEusername. Use the <RCC command in your page, to question de perl script transparently or use the IFRAME with a src pointng to your perl script. Alternatively, you could use profile variables (see docs), but I don't know about the security then, since profile vars are modifyable by the users, if they know what to do. ____________________________________________________ </MELVYN> void wakeup() { for(long int cuppajava;drink();cuppajava++); } -------------------------------------------------------------------------------- For unsubscription of this list send an email to [EMAIL PROTECTED] with email data containing unsubscribe emailadd sambar
