Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

how to use .htaccess to control php file open behavior 2

Status
Not open for further replies.
flubbard

flubbard

Technical User
Jun 11, 2003
148
US
I have written a php viewer that displays various text files. The text files are stored within subdirectories with the viewer in the root.

I would like for users to only view text files that they have rights to according to an .htaccess file located in the directory with the text file.

The problem is, everyone has to have rights to the viewer. Basically, I would like the php file to only be able to open the text file in the subdirectory if a valid user is logged in. Is there a way to do this using .htaccess, is there a better alternative, or do I need to create my own file access control code?

Any help would be appreciated.
 
Sort by date Sort by votes
flubbard,

If your php script is in a different directory than your text files, you can restrict access to the text file directory with .htaccess, such as

/path/to/php
/path/to/text

Wishdiak
 
Upvote 0 Downvote
Wishdiak,

Would this still keep the php script from accessing the file unless a valid user has logged on? The text file itself is not be displayed by apache but only through the viewer (it is being opened and processed by the script).

Might there be a setting that I need to change in either httpd.conf or php.conf that would produce the behavior. When I tried to put an .htaccess file into the text directory, the viewer opened it and showed it without asking the user to log in (the already logged in user did not have proper permissions under the .htaccess file)

Thanks in advance for any help you can provide.
 
Upvote 0 Downvote
You can't use .htaccess in this way.

Apache applies .htaccess security directives only when a browser connection comes in through the network. PHP's access to files is simply a filesystem function that Apace has not control over.

Even if you were to put these files into a directory and access them using HTTP URLs in PHP's filesytem functions, you would have no control over what would be accessed, as PHP will run as the same user every time -- the user as which Apache runs.


Want the best answers? Ask the best questions!

TANSTAAFL!!
 
Upvote 0 Downvote
sleipnir

Thanks for the help...that's kind of what I figured. I guess its on to writing a little access control routine within the script.

 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Krus1972
  • Locked
  • Question
Rewrite Rule for .htaccess Help
Replies
0
Views
377
Krus1972
Krus1972
SamBones
  • Locked
  • Question
How Do I Start/Stop Systemd Services as a non-root User?
Replies
2
Views
1K
gbaughma
gbaughma
donald lepariku
  • Locked
  • Question
Error: 694, Severity: 24, State: 10 An attempt was made to read logical page '153', virtpage '616' f 1
Replies
3
Views
460
spamjim
spamjim
bk Patel
  • Locked
  • Question
Openscape 4000 Eco Server
Replies
3
Views
607
bk Patel
bk Patel
spamjim
  • Locked
  • Question
Sorting out NTFS filesystem issues
Replies
0
Views
320
spamjim
spamjim

Part and Inventory Search

Sponsor

Back
Top