This is what I do:
Use .htaccess files to block all access to each folder
then use a single php script in the root to handle all requests
to different folders.
like:
pictures/main.php
private/main.php
in index.php
if(!$UserAuthenticated) { include("login/login.php"); exit; }
$content = 'pictures'
$action = 'main'
if(!$content) { $content = 'main'; }
if(!$action) { $action = 'main'; }
include($content . "/" . $action . ".inc.php");
Then for links you would have:
<a href="http://www.mysite.com/index.php?
content=pictures&action=main">Go to Pictures</a>
You then controll main access vi cookies and some sort of
authentication mechanism placed above the include
This way you don't have to worry about each subdirectory.
--Travis
Wade Preston Shearer <[EMAIL PROTECTED]> said:
> okay... i understand the password/authentication part now.
thanks to
> those who posted help.
>
> now, what is the best way to protect the directories/files
beneath the
> login page?
>
> with .htaccess it does this automatically (well, with the
correct
> settings), protection any file/directory beneath
the .htaccess file.
>
> how do you do this when authenticating via PHP? are
cookies the best
> way?
>
> -wade
>
>
>
> ____________________
> BYU Unix Users Group
> http://uug.byu.edu/
>
______________________________________________
_____________________
> List Info: http://uug.byu.edu/cgi-bin/mailman/listinfo/uug-list
>
--
____________________
BYU Unix Users Group
http://uug.byu.edu/
___________________________________________________________________
List Info: http://uug.byu.edu/cgi-bin/mailman/listinfo/uug-list
