|
Can you give me a little bit more info on
this issue? One of the number of the ways? From: Peter J Milanese
[mailto:PMilanese@xxxxxxxx] There are a number of ways to handle this. If your site is a mix
of auth/anon, you probably want to put it in the php. Just do an isset in the
php. Documentation on php.net should be helpful. ----- Original Message ----- Hi, In our web, users should login to access certain contents.
But today we’ve just realized that, one can acces those contents without
loging in. In other words, just typing http://xxx.xx/graph_view.php?action="">
brings the graphs. We are using free software, may be that’s why it is
not so secure. Has anyone suggest me how to prevent these kind of things. How
can I configure apache, so that it won’t bring the page if it has
REMOTE_USER env variable not set? Or if it has nothing to do with Apache? BR, Baynaa. |
|