Re: [PHP-DB] authentication in a browsing directory
Hi, This sounds good, but I thought it could be easier to use the browsing function of the Apache Webserver, since this function is already implemented. I just don't know, how to access this function, if there is an index file present. If there is no way to do that, I will try to use the filesystem functions of PHP. (I think it would also be much more efficient, regarding to performance, to use the native Apache function.) Helmut Baher Abouelfittouh wrote: > Ok .. Upon success, read the current directory and create links to each > file on the fly "readdir()". That should even give the chance to customize > your directory listing ..!! > > Baher > -- > -- --- Helmut Tessarek --- [EMAIL PROTECTED] --- IBM Certified Solution Expert Microsoft Certified Systems Engineer (MCP, MCP+I, MCSE) Karmarschgasse 53/1/3/11, A-1100 Vienna, Austria - http://www.evermeet.cx - -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP-DB] authentication in a browsing directory
Ok .. Upon success, read the current directory and create links to each
file on the fly "readdir()". That should even give the chance to customize
your directory listing ..!!
Baher
--
>From: Helmut Tessarek <[EMAIL PROTECTED]>
>To: [EMAIL PROTECTED]
>Subject: [PHP-DB] authentication in a browsing directory
>Date: Wed, 21 Feb 2001 23:11:13 +0100
>
>Hi,
>
>I've got some directories that should be accessed via the browser. This
>works fine.
>To secure a directory I always used the directives in the .htaccess
>file. This works aswell.
>Now I wrote a little PHP script that looks in a table of a database if
>the user is allowed to access the page or not.
>So far, so good.
>The problem is that (since index.php is automatically called regarding
>to the DirectoryIndex directive) the directory
>is never listed.
>I'm pretty sure that there is a way how to manage this, but
>unfortunately I don't get it.
>Is there a header request that lists the directory without looking for
>the index.html and index.php?
>
>Below is the code of my index.php (DirectoryIndex index.html index.php):
>
>function authenticate() {
>$realm = "Test Realm";
>Header("WWW-authenticate: basic realm=\"$realm\"");
>Header("HTTP/1.0 401 Unauthorized");
>// Header("status: 401 Unauthorized"); // This had to be used for
>earlier Apache versions
>?>
>You need a valid user id.
>exit;
>}
>
>if( !isset( $PHP_AUTH_USER )) {
>authenticate();
>} else {
>$conn = odbc_connect("db", "user", "pwd");
>if (!$conn){
> ?>
> Error connecting to database!
> } else {
> $id = strtolower( $PHP_AUTH_USER );
> $query = "select * from table where id='$id' and
>pwd='$PHP_AUTH_PW'";
> $res = odbc_exec( $conn, $query );
>
> if( !odbc_num_rows( $res ))
> authenticate();
>
>}
>}
>
>echo "Success"; // Here should be a statement that would list the
>directory as it would be shown without the index.php file
>
>?>
>
>--
>
>--- Helmut Tessarek --- [EMAIL PROTECTED] ---
>
> IBM Certified Solution Expert
> Microsoft Certified Systems Engineer (MCP, MCP+I, MCSE)
> Karmarschgasse 53/1/3/11, A-1100 Vienna, Austria
>
>- http://www.evermeet.cx -
>
>
>
>--
>PHP Database Mailing List (http://www.php.net/)
>To unsubscribe, e-mail: [EMAIL PROTECTED]
>For additional commands, e-mail: [EMAIL PROTECTED]
>To contact the list administrators, e-mail: [EMAIL PROTECTED]
>
_
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP-DB] authentication in a browsing directory
Hi, I've got some directories that should be accessed via the browser. This works fine. To secure a directory I always used the directives in the .htaccess file. This works aswell. Now I wrote a little PHP script that looks in a table of a database if the user is allowed to access the page or not. So far, so good. The problem is that (since index.php is automatically called regarding to the DirectoryIndex directive) the directory is never listed. I'm pretty sure that there is a way how to manage this, but unfortunately I don't get it. Is there a header request that lists the directory without looking for the index.html and index.php? Below is the code of my index.php (DirectoryIndex index.html index.php): You need a valid user id. Error connecting to database! -- --- Helmut Tessarek --- [EMAIL PROTECTED] --- IBM Certified Solution Expert Microsoft Certified Systems Engineer (MCP, MCP+I, MCSE) Karmarschgasse 53/1/3/11, A-1100 Vienna, Austria - http://www.evermeet.cx - -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP-DB] authentication in a browsing directory
Hi, I've got some directories that should be accessed via the browser. This works fine. To secure a directory I always used the directives in the .htaccess file. This works aswell. Now I wrote a little PHP script that looks in a table of a database if the user is allowed to access the page or not. So far, so good. The problem is that (since index.php is automatically called regarding to the DirectoryIndex directive) the directory is never listed. I'm pretty sure that there is a way how to manage this, but unfortunately I don't get it. Is there a header request that lists the directory without looking for the index.html and index.php? Below is the code of my index.php (DirectoryIndex index.html index.php): You need a valid user id. Error connecting to database! -- --- Helmut Tessarek --- [EMAIL PROTECTED] --- IBM Certified Solution Expert Microsoft Certified Systems Engineer (MCP, MCP+I, MCSE) Karmarschgasse 53/1/3/11, A-1100 Vienna, Austria - http://www.evermeet.cx - -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
