I think that you are looking at this from the wrong angle. What you should do, is password protect all CMS directories And then, anyone that needs access has to punch in a valid Username and password. Have a look at : http://sourceforge.net/projects/modauthmysql/ Sincerely berber Visit the Weber Sites Today, To see where PHP might take you tomorrow. PHP code examples : http://www.weberdev.com PHP & MySQL Forums : http://www.weberforums.com -----Original Message----- From: Shaun [mailto:shaunthornburgh@xxxxxxxxxxx] Sent: Monday, April 17, 2006 2:52 PM To: php-general@xxxxxxxxxxxxx Subject: Re: Including files from another site Hi, Thanks for your reply, sorry I should have been a little clearer in my explanation. Here goes... I have a dedicated UNIX server with many websites on it. On this server I have also created a Content Management System which has a database which I use to store HTML content for all the other websites. Each website has a database connection to the CMS database to retrieve the HTML for its pages. Each website that uses its own database has a folder called /cms and in here I keep all the database admin scripts for that website. I want these pages to only be accessible from within the CMS website and nothing else. So when the user is in the CMS they can click on database admin and it will include the pages in that websites /cms folder. My Question is how can I ensure that the CMS is the only website that can access these scripts securely? Thanks for your advice. ""Weber Sites LTD"" <berber@xxxxxxxxxxxxxxx> wrote in message news:2a6601c6621b$fa43bc60$6901a8c0@xxxxxxxxxxxxxxxxxxxxxxxxxx > I'm not sure I understand what you are trying to do. > What is the connection between frames and security? > > In general, assuming that all users have access to The same scripts, > you need to include in all of your Scripts some kind of security logic > that tells the Script which user can do what. > > Usually you would want to also allow group access Rather then user > access for easier maintenance. > > You should keep a user table with user, password And privileges. There > are endless ways to do this And you need to choose what is best for > your site. > > Have a look at some relevant code examples: > http://www.weberdev.com/AdvancedSearch.php?searchtype=title&search=aut > h > > berber > > -----Original Message----- > From: Shaun [mailto:shaunthornburgh@xxxxxxxxxxx] > Sent: Monday, April 17, 2006 12:46 PM > To: php-general@xxxxxxxxxxxxx > Subject: Including files from another site > > Hi, > > I have created a CMS where all sites on our server are administrated > from one central site, and HTML content is stored in the CMS database. > > I want users to all control their sites database functions from the > CMS site, but I want to keep the database and database admin scripts > in the individual website account to keep things simple. So I need > want to be able to include these scripts within the CMS site but keep > them secure. I have tried using frames but I can't keep a session > going in the database admin scripts, is there a better way to do this? > > Any advice would be greatly appreciated. > > -- > PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: > http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
