Hi!
I have an authentication problem...
My users are authenticated through a mysql table. This set up a session variable to "true" and allow them to browse different pages (in each page I test that session variable).
To deny direct access to the directory, I put an htaccess which simply denies all accesses.
Things are working fine, except when I want to open a popup.In that case I again have the apache "forbidden".
What I don't understand: my site is built has an index page which include in it's center the requested specific pages.
So I have something like index.php?page_called=protected1
and in index I do an include of protected1.php.
This will include the page protected1.php which is in the protected directory in the webpage without any problem.
I don't understand why this is working as I include the file directly (include ("./protectedDirectory/protected1.php")) whereas a simple javascipt window open with that script is not allowed.
And I have no idea how to modify that, for some little things it's easier for my user to have a display popup (eg to remind him old values), and currently I have to put that file out of the protected directory.
I could put that files somewhere else than under the webroot, but I think there is a way of allowing popup opening by the php script?
Sorry if this may be a bit off topic, but I tried to find inforamtion on google/apache and found nothing, and I'm sure some of you are using that system as well?
Thanks for your time!
_________________________________________________________________
It's fast, it's easy and it's free. Get MSN Messenger today! http://www.msn.co.uk/messenger
-- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
