Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Apache (.htaccess) securing of folder with database

Status
Not open for further replies.
Geee

Geee

Programmer
Apr 23, 2001
253
GB
I am hoping to allow users access to certain parts of our main corporate server by using a basic PHP login to generate a menu of items they can access. On our server is a variety of PHP applications some open source, and some home written. At the moment we have our webmail, a wiki, a bug tracking application along with some custom php application that allow us to manage various bespoke aspects.

What I want to be able to do, is to use some port forwarding to allow remote access to the server. I then want to prompt the user to login and generate a menu of items they can use (from the database). This I have already done successfully.

The tricky part here is that if someone is not logged in to the main system, I don't want them to be able to browse to something they should not see just because they know the URL. I thought that there may be a way to use apache folder protection and .htaccess to do this. I know you can tell htaccess to use a mysql database for its username and passwords, but it's a little more complicated than that!

Does anyone have any idea how this can be achieved without actually inserting code into every page of every application we have running on the server please?

Thanks.

G

-Geeeeeeeeeeeeeeeeeeeeeeee-
 
Sort by date Sort by votes
what i do is put an .htaccess file in every directory that i want protected. i use the directive
Code: 
DENY FROM ALL

i then have a script behind a login (managed by php, not apache) that lists the resources i want to make available to a particular user and fetches them selectively (quasi-proxy) through file system calls rather than web server. the file system access, of course, is not affected by .htaccess files.


 
Upvote 0 Downvote
Is it possible to serve pages to the user through file system calls? Something akin to an iframe would be fine, I just thought the php scripts would not be run this way. If you have more information on this method it would be greatly appreciated!

-Geeeeeeeeeeeeeeeeeeeeeeee-
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

EdLentz
  • Locked
  • Question
I need a simple example of how to send a table of info .
Replies
8
Views
259
EdLentz
EdLentz
ersatz
  • Locked
  • Question
How to send 2 select from mysql database in email like tables
Replies
5
Views
279
ersatz
ersatz
PeDa
  • Locked
  • Question
POST Content-lLength of ... bytes exceeds the limit of 8388608 bytes in Unknown on line 0
Replies
4
Views
291
feherke
feherke
vie3548
  • Locked
  • Question
MEMO FIELD NULL INSTEAD OF EMPTY STRING
Replies
0
Views
84
vie3548
vie3548
PeDa
  • Locked
  • Question
unwanted spaces inserted into the middle of php-generated html email body 1
Replies
2
Views
115
PeDa
PeDa

Part and Inventory Search

Sponsor

Back
Top