Re: [PHP] Preventing Access to Private Files

2007-09-13 Thread tedd
At 4:24 PM -0400 9/6/07, TG wrote: The web server software has access to certain directories, but PHP itself can have access to things outside the main web folders. That's good advice, but what do you do when safe_mode is ON? My experience is that PHP can't access folders out of the web root.

Re: [PHP] Preventing Access to Private Files

2007-09-13 Thread Chris
tedd wrote: At 4:24 PM -0400 9/6/07, TG wrote: The web server software has access to certain directories, but PHP itself can have access to things outside the main web folders. That's good advice, but what do you do when safe_mode is ON? My experience is that PHP can't access folders out of

Re: [PHP] Preventing Access to Private Files

2007-09-06 Thread mike
On 9/6/07, Stephen [EMAIL PROTECTED] wrote: I understand how to use PHP with MySQL to have a members table to validate passwords. And to limit the generation of member pages to members only. But what about photographs? If someone knows the complete URL they could view it directly, unless the

Re: [PHP] Preventing Access to Private Files

2007-09-06 Thread TG
web folders. Just some thoughts. Good luck! -TG - Original Message - From: Stephen [EMAIL PROTECTED] To: php-general@lists.php.net Date: Thu, 6 Sep 2007 16:03:52 -0400 (EDT) Subject: [PHP] Preventing Access to Private Files I understand how to use PHP with MySQL to have a members

RE: [PHP] Preventing Access to Private Files

2007-09-06 Thread Daevid Vincent
-Original Message- From: Stephen [mailto:[EMAIL PROTECTED] Sent: Thursday, September 06, 2007 1:04 PM To: php-general@lists.php.net Subject: [PHP] Preventing Access to Private Files I understand how to use PHP with MySQL to have a members table to validate passwords. And to limit

[PHP] Preventing Access to Private Files

2007-09-06 Thread Stephen
I understand how to use PHP with MySQL to have a members table to validate passwords. And to limit the generation of member pages to members only. But what about photographs? If someone knows the complete URL they could view it directly, unless the directory is protected using .htpassword But I

RE: [PHP] Preventing Access to Private Files

2007-09-06 Thread Daevid Vincent
installed, you could also do the .htaccess route, but that's not as elegant. d -Original Message- From: tedd [mailto:[EMAIL PROTECTED] Sent: Thursday, September 06, 2007 5:02 PM To: Daevid Vincent; php-general@lists.php.net Subject: RE: [PHP] Preventing Access to Private Files

Re: [PHP] Preventing Access to Private Files

2007-09-06 Thread brian
Daevid Vincent wrote: Depends on your host I guess. Some hosts give you an entire Virtual Machine with root access. It depends on your distro too. But usually it's in /etc/apache... If you don't have direct access, you will have to talk to them about if mod_auth_mysql is installed and have them

RE: [PHP] Preventing Access to Private Files

2007-09-06 Thread tedd
At 1:15 PM -0700 9/6/07, Daevid Vincent wrote: Basically add something like this to your apache vhost_foo.conf file: Where's that? I'm on a hosted server -- is that something that I can get to? Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com --