The easiest way in PHP that I have found is to create a file called
validate.php containing the following:
<?
if ($HTTP_COOKIE_VARS["MyCookie"] != 'Some Value') {
header("Location: http://my.company.com/login";);
}
?>
and, after the user has logged in, set a cookie. Then, for each page that
should be for a logged-in user only, just include the validate.php file.
Michael Fork - CCNA - MCP - A+
Network Support - Toledo Internet Access - Toledo Ohio
On Tue, 13 Mar 2001 Timothy_Maguire@xxxxxxxxxxxxxx wrote:
>
> if you are using apache web server you can try the .htaccess method. I am
> not too familar with it. I am trying to learn it myself, but from what i
> gather, you put a file called .htaccess in the dir where your web page is.
> the .htaccess file contains a path to the a file where all the user names
> and passwords are stored. whenever this dir is accessed, a window pops up
> asking for a user id and password.
>
> If anyone has more info on this, please pass it on. I am looking into
> using this as well. What i am looking to do is create a web based ftp
> application. Where users log into a web screen and can ftp files to the
> server into a certain directory own by them. I am storing the file paths
> and descriptions in a postgresql db and using php for the ftp process. Can
> I use .htaccess with this? Can I have someone log into the web page using
> .htaccess and passing their user id and password into a cookie or variable
> so i will know who they are and they don't have to re-type this when they
> ftp the file.
>
> Any help would be great.
> Thanks,
> Tim.
>
>
>
>
> Paul Joseph McGee <mcgee@xxxxxxxxxxxxxxxxx>@postgresql.org on 03/13/2001
> 12:20:57 PM
>
> Sent by: pgsql-php-owner@xxxxxxxxxxxxxx
>
>
> To: pgsql-php@xxxxxxxxxxxxxx
> cc:
>
> Subject: Secure pages
>
>
> Hi everybody,
> i have a user login authentication sysytem on my machine here where users
> may view pages but to do other things the user must login. the login
> scripts seem to work ok and are based on a "Secure Authentication System"
> from www.phpbuilder.com. Basically the page where i want people to arrive
> at upon logging in is at present viewable by anyone who puts the proper
> url into their browser. how do i keep this and other pages secure from
> people who havent logged in?
> Thanks,
> Paul
>
---------------------------(end of broadcast)---------------------------
TIP 4: Don't 'kill -9' the postmaster
