Ideas how to achieve this?
Ideas how to achieve this?
am 20.01.2008 15:59:42 von DFS
I have a project i am not sure how to achieve the desired results. I need
some advice/direction if anyone can help.
I have a domain name. Under that domain lots of individual websites:
??????.com
??????.com/website1
??????.com/website2
??????.com/website3
1) The domain home page has a login screen. Depending on the username and
password the user is taken to the relavent website index page.
This would all work fine i could specifiy the user/password and
corresponding website directory in a mysql table
THE DILEMA - The websites are large and always being updated therefore i
cannot add corresponding (session) php code to every html webpage within the
websites. Therefore how can I stop a user copying and pasting a external
link to one of these pages or files located within the website i.e. by
passing the login.
Any ideas?
TIA
Re: Ideas how to achieve this?
am 20.01.2008 20:46:08 von Jerry Stuckle
Mike wrote:
> I have a project i am not sure how to achieve the desired results. I need
> some advice/direction if anyone can help.
>
> I have a domain name. Under that domain lots of individual websites:
>
> ??????.com
> ??????.com/website1
> ??????.com/website2
> ??????.com/website3
>
> 1) The domain home page has a login screen. Depending on the username and
> password the user is taken to the relavent website index page.
> This would all work fine i could specifiy the user/password and
> corresponding website directory in a mysql table
>
> THE DILEMA - The websites are large and always being updated therefore i
> cannot add corresponding (session) php code to every html webpage within the
> websites. Therefore how can I stop a user copying and pasting a external
> link to one of these pages or files located within the website i.e. by
> passing the login.
>
> Any ideas?
> TIA
>
>
>
You can't. If a page doesn't check to see if the user is logged in,
there is no way you can prevent someone from directly linking to that page.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================
Re: Ideas how to achieve this?
am 20.01.2008 21:10:56 von DFS
"Jerry Stuckle" wrote in message
news:ePmdnYBeD6PdOA7anZ2dnUVZ_q3inZ2d@comcast.com...
> Mike wrote:
>> I have a project i am not sure how to achieve the desired results. I need
>> some advice/direction if anyone can help.
>>
>> I have a domain name. Under that domain lots of individual websites:
>>
>> ??????.com
>> ??????.com/website1
>> ??????.com/website2
>> ??????.com/website3
>>
>> 1) The domain home page has a login screen. Depending on the username and
>> password the user is taken to the relavent website index page.
>> This would all work fine i could specifiy the user/password and
>> corresponding website directory in a mysql table
>>
>> THE DILEMA - The websites are large and always being updated therefore i
>> cannot add corresponding (session) php code to every html webpage within
>> the websites. Therefore how can I stop a user copying and pasting a
>> external link to one of these pages or files located within the website
>> i.e. by passing the login.
>>
>> Any ideas?
>> TIA
>>
>>
>>
>
> You can't. If a page doesn't check to see if the user is logged in, there
> is no way you can prevent someone from directly linking to that page.
>
Jerry
Is there not a way to somehow restrict by folder. i.e. sessions which are
related to the folder and not the files within?
Re: Ideas how to achieve this?
am 20.01.2008 21:24:41 von Jerry Stuckle
Mike wrote:
> "Jerry Stuckle" wrote in message
> news:ePmdnYBeD6PdOA7anZ2dnUVZ_q3inZ2d@comcast.com...
>> Mike wrote:
>>> I have a project i am not sure how to achieve the desired results. I need
>>> some advice/direction if anyone can help.
>>>
>>> I have a domain name. Under that domain lots of individual websites:
>>>
>>> ??????.com
>>> ??????.com/website1
>>> ??????.com/website2
>>> ??????.com/website3
>>>
>>> 1) The domain home page has a login screen. Depending on the username and
>>> password the user is taken to the relavent website index page.
>>> This would all work fine i could specifiy the user/password and
>>> corresponding website directory in a mysql table
>>>
>>> THE DILEMA - The websites are large and always being updated therefore i
>>> cannot add corresponding (session) php code to every html webpage within
>>> the websites. Therefore how can I stop a user copying and pasting a
>>> external link to one of these pages or files located within the website
>>> i.e. by passing the login.
>>>
>>> Any ideas?
>>> TIA
>>>
>>>
>>>
>> You can't. If a page doesn't check to see if the user is logged in, there
>> is no way you can prevent someone from directly linking to that page.
>>
>
>
> Jerry
>
> Is there not a way to somehow restrict by folder. i.e. sessions which are
> related to the folder and not the files within?
>
>
>
Only if you're using HTTP authentication - which is different than what
you're talking about. HTTP authentication is where you get the popup
from your browser asking for your userid and password.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================
Re: Ideas how to achieve this?
am 20.01.2008 21:25:02 von Shion
Mike wrote:
> "Jerry Stuckle" wrote in message
>> You can't. If a page doesn't check to see if the user is logged in, there
>> is no way you can prevent someone from directly linking to that page.
>
> Is there not a way to somehow restrict by folder. i.e. sessions which are
> related to the folder and not the files within?
You can use server side auth, without the proper username/password you can't
access anything in the directory. How this is done depends on the web server
program used and by the settings the web server uses. As this is done on the
web server and not in php, the question is better asked at a newsgroup
dedicated to your web server.
--
//Aho
Re: Ideas how to achieve this?
am 20.01.2008 21:56:41 von Greg
"Mike" wrote in message
news:13p6ofd6lsm7ubd@corp.supernews.com...
>I have a project i am not sure how to achieve the desired results. I need
>some advice/direction if anyone can help.
>
> I have a domain name. Under that domain lots of individual websites:
>
> ??????.com
> ??????.com/website1
> ??????.com/website2
> ??????.com/website3
>
> 1) The domain home page has a login screen. Depending on the username and
> password the user is taken to the relavent website index page.
> This would all work fine i could specifiy the user/password and
> corresponding website directory in a mysql table
>
> THE DILEMA - The websites are large and always being updated therefore i
> cannot add corresponding (session) php code to every html webpage within
> the websites. Therefore how can I stop a user copying and pasting a
> external link to one of these pages or files located within the website
> i.e. by passing the login.
>
> Any ideas?
> TIA
>
>
Why can't you add the code to every page, or call an include with the
session info?? It would help if we understand the resrtictions you face.
Greg
Re: Ideas how to achieve this?
am 20.01.2008 22:08:43 von DFS
"Jerry Stuckle" wrote in message
news:h8KdnSRlZdvUMw7anZ2dnUVZ_hninZ2d@comcast.com...
> Mike wrote:
>> "Jerry Stuckle" wrote in message
>> news:ePmdnYBeD6PdOA7anZ2dnUVZ_q3inZ2d@comcast.com...
>>> Mike wrote:
>>>> I have a project i am not sure how to achieve the desired results. I
>>>> need some advice/direction if anyone can help.
>>>>
>>>> I have a domain name. Under that domain lots of individual websites:
>>>>
>>>> ??????.com
>>>> ??????.com/website1
>>>> ??????.com/website2
>>>> ??????.com/website3
>>>>
>>>> 1) The domain home page has a login screen. Depending on the username
>>>> and password the user is taken to the relavent website index page.
>>>> This would all work fine i could specifiy the user/password and
>>>> corresponding website directory in a mysql table
>>>>
>>>> THE DILEMA - The websites are large and always being updated therefore
>>>> i cannot add corresponding (session) php code to every html webpage
>>>> within the websites. Therefore how can I stop a user copying and
>>>> pasting a external link to one of these pages or files located within
>>>> the website i.e. by passing the login.
>>>>
>>>> Any ideas?
>>>> TIA
>>>>
>>>>
>>>>
>>> You can't. If a page doesn't check to see if the user is logged in,
>>> there is no way you can prevent someone from directly linking to that
>>> page.
>>>
>>
>>
>> Jerry
>>
>> Is there not a way to somehow restrict by folder. i.e. sessions which
>> are related to the folder and not the files within?
>
> Only if you're using HTTP authentication - which is different than what
> you're talking about. HTTP authentication is where you get the popup from
> your browser asking for your userid and password.
>
I did look at this first but was told this cannot be done.
Keep in mind i need central login screen. I don't believe with normal HTTP
authentication i can specifiy which directory to take the user to. Hence
why i needed PHP/Mysql to specify the path
The server is Win2003, IIS.
I'm stuck :(
Re: Ideas how to achieve this?
am 20.01.2008 22:12:05 von DFS
"Greg" wrote in message
news:dAOkj.15791$LN4.7268@trnddc07...
> "Mike" wrote in message
> news:13p6ofd6lsm7ubd@corp.supernews.com...
>>I have a project i am not sure how to achieve the desired results. I need
>>some advice/direction if anyone can help.
>>
>> I have a domain name. Under that domain lots of individual websites:
>>
>> ??????.com
>> ??????.com/website1
>> ??????.com/website2
>> ??????.com/website3
>>
>> 1) The domain home page has a login screen. Depending on the username and
>> password the user is taken to the relavent website index page.
>> This would all work fine i could specifiy the user/password and
>> corresponding website directory in a mysql table
>>
>> THE DILEMA - The websites are large and always being updated therefore i
>> cannot add corresponding (session) php code to every html webpage within
>> the websites. Therefore how can I stop a user copying and pasting a
>> external link to one of these pages or files located within the website
>> i.e. by passing the login.
>>
>> Any ideas?
>> TIA
>>
>>
>
> Why can't you add the code to every page, or call an include with the
> session info?? It would help if we understand the resrtictions you face.
>
> Greg
Hi
The webspace is being uploaded and updated by external users (via ftp).
I cannot provide them with my own php code and ask them to add it to every
webpage they produce. They are also uploading zip files which
presents another direct link problem.
Re: Ideas how to achieve this?
am 20.01.2008 23:55:50 von Jerry Stuckle
Mike wrote:
> "Jerry Stuckle" wrote in message
> news:h8KdnSRlZdvUMw7anZ2dnUVZ_hninZ2d@comcast.com...
>> Mike wrote:
>>> "Jerry Stuckle" wrote in message
>>> news:ePmdnYBeD6PdOA7anZ2dnUVZ_q3inZ2d@comcast.com...
>>>> Mike wrote:
>>>>> I have a project i am not sure how to achieve the desired results. I
>>>>> need some advice/direction if anyone can help.
>>>>>
>>>>> I have a domain name. Under that domain lots of individual websites:
>>>>>
>>>>> ??????.com
>>>>> ??????.com/website1
>>>>> ??????.com/website2
>>>>> ??????.com/website3
>>>>>
>>>>> 1) The domain home page has a login screen. Depending on the username
>>>>> and password the user is taken to the relavent website index page.
>>>>> This would all work fine i could specifiy the user/password and
>>>>> corresponding website directory in a mysql table
>>>>>
>>>>> THE DILEMA - The websites are large and always being updated therefore
>>>>> i cannot add corresponding (session) php code to every html webpage
>>>>> within the websites. Therefore how can I stop a user copying and
>>>>> pasting a external link to one of these pages or files located within
>>>>> the website i.e. by passing the login.
>>>>>
>>>>> Any ideas?
>>>>> TIA
>>>>>
>>>>>
>>>>>
>>>> You can't. If a page doesn't check to see if the user is logged in,
>>>> there is no way you can prevent someone from directly linking to that
>>>> page.
>>>>
>>>
>>> Jerry
>>>
>>> Is there not a way to somehow restrict by folder. i.e. sessions which
>>> are related to the folder and not the files within?
>> Only if you're using HTTP authentication - which is different than what
>> you're talking about. HTTP authentication is where you get the popup from
>> your browser asking for your userid and password.
>>
>
>
> I did look at this first but was told this cannot be done.
> Keep in mind i need central login screen. I don't believe with normal HTTP
> authentication i can specifiy which directory to take the user to. Hence
> why i needed PHP/Mysql to specify the path
> The server is Win2003, IIS.
>
> I'm stuck :(
>
>
>
>
You can specify the directory(s) or files which are protected in IIS.
But you can't use your central login screen for http authentication.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================
Re: Ideas how to achieve this?
am 21.01.2008 01:37:39 von DFS
"Jerry Stuckle" wrote in message
news:KrmdnUztqsQrTA7anZ2dnUVZ_urinZ2d@comcast.com...
> Mike wrote:
>> "Jerry Stuckle" wrote in message
>> news:h8KdnSRlZdvUMw7anZ2dnUVZ_hninZ2d@comcast.com...
>>> Mike wrote:
>>>> "Jerry Stuckle" wrote in message
>>>> news:ePmdnYBeD6PdOA7anZ2dnUVZ_q3inZ2d@comcast.com...
>>>>> Mike wrote:
>>>>>> I have a project i am not sure how to achieve the desired results. I
>>>>>> need some advice/direction if anyone can help.
>>>>>>
>>>>>> I have a domain name. Under that domain lots of individual websites:
>>>>>>
>>>>>> ??????.com
>>>>>> ??????.com/website1
>>>>>> ??????.com/website2
>>>>>> ??????.com/website3
>>>>>>
>>>>>> 1) The domain home page has a login screen. Depending on the username
>>>>>> and password the user is taken to the relavent website index page.
>>>>>> This would all work fine i could specifiy the user/password and
>>>>>> corresponding website directory in a mysql table
>>>>>>
>>>>>> THE DILEMA - The websites are large and always being updated
>>>>>> therefore i cannot add corresponding (session) php code to every html
>>>>>> webpage within the websites. Therefore how can I stop a user copying
>>>>>> and pasting a external link to one of these pages or files located
>>>>>> within the website i.e. by passing the login.
>>>>>>
>>>>>> Any ideas?
>>>>>> TIA
>>>>>>
>>>>>>
>>>>>>
>>>>> You can't. If a page doesn't check to see if the user is logged in,
>>>>> there is no way you can prevent someone from directly linking to that
>>>>> page.
>>>>>
>>>>
>>>> Jerry
>>>>
>>>> Is there not a way to somehow restrict by folder. i.e. sessions which
>>>> are related to the folder and not the files within?
>>> Only if you're using HTTP authentication - which is different than what
>>> you're talking about. HTTP authentication is where you get the popup
>>> from your browser asking for your userid and password.
>>>
>>
>>
>> I did look at this first but was told this cannot be done.
>> Keep in mind i need central login screen. I don't believe with normal
>> HTTP authentication i can specifiy which directory to take the user to.
>> Hence why i needed PHP/Mysql to specify the path
>> The server is Win2003, IIS.
>>
>> I'm stuck :(
>>
>>
>>
>>
>
> You can specify the directory(s) or files which are protected in IIS. But
> you can't use your central login screen for http authentication.
>
That's right hence my use of php for the login. Am i right in thinking
what i am trying to do is not possible.
Re: Ideas how to achieve this?
am 21.01.2008 03:13:13 von Jerry Stuckle
Mike wrote:
> "Jerry Stuckle" wrote in message
> news:KrmdnUztqsQrTA7anZ2dnUVZ_urinZ2d@comcast.com...
>> Mike wrote:
>>> "Jerry Stuckle" wrote in message
>>> news:h8KdnSRlZdvUMw7anZ2dnUVZ_hninZ2d@comcast.com...
>>>> Mike wrote:
>>>>> "Jerry Stuckle" wrote in message
>>>>> news:ePmdnYBeD6PdOA7anZ2dnUVZ_q3inZ2d@comcast.com...
>>>>>> Mike wrote:
>>>>>>> I have a project i am not sure how to achieve the desired results. I
>>>>>>> need some advice/direction if anyone can help.
>>>>>>>
>>>>>>> I have a domain name. Under that domain lots of individual websites:
>>>>>>>
>>>>>>> ??????.com
>>>>>>> ??????.com/website1
>>>>>>> ??????.com/website2
>>>>>>> ??????.com/website3
>>>>>>>
>>>>>>> 1) The domain home page has a login screen. Depending on the username
>>>>>>> and password the user is taken to the relavent website index page.
>>>>>>> This would all work fine i could specifiy the user/password and
>>>>>>> corresponding website directory in a mysql table
>>>>>>>
>>>>>>> THE DILEMA - The websites are large and always being updated
>>>>>>> therefore i cannot add corresponding (session) php code to every html
>>>>>>> webpage within the websites. Therefore how can I stop a user copying
>>>>>>> and pasting a external link to one of these pages or files located
>>>>>>> within the website i.e. by passing the login.
>>>>>>>
>>>>>>> Any ideas?
>>>>>>> TIA
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>> You can't. If a page doesn't check to see if the user is logged in,
>>>>>> there is no way you can prevent someone from directly linking to that
>>>>>> page.
>>>>>>
>>>>> Jerry
>>>>>
>>>>> Is there not a way to somehow restrict by folder. i.e. sessions which
>>>>> are related to the folder and not the files within?
>>>> Only if you're using HTTP authentication - which is different than what
>>>> you're talking about. HTTP authentication is where you get the popup
>>>> from your browser asking for your userid and password.
>>>>
>>>
>>> I did look at this first but was told this cannot be done.
>>> Keep in mind i need central login screen. I don't believe with normal
>>> HTTP authentication i can specifiy which directory to take the user to.
>>> Hence why i needed PHP/Mysql to specify the path
>>> The server is Win2003, IIS.
>>>
>>> I'm stuck :(
>>>
>>>
>>>
>>>
>> You can specify the directory(s) or files which are protected in IIS. But
>> you can't use your central login screen for http authentication.
>>
>
>
>
> That's right hence my use of php for the login. Am i right in thinking
> what i am trying to do is not possible.
>
>
>
That's the first thing I said.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================
Re: Ideas how to achieve this?
am 21.01.2008 04:13:29 von DFS
"Jerry Stuckle" wrote in message
news:D5WdnWtQ-spkYg7anZ2dnUVZ_tbinZ2d@comcast.com...
> Mike wrote:
>> "Jerry Stuckle" wrote in message
>> news:KrmdnUztqsQrTA7anZ2dnUVZ_urinZ2d@comcast.com...
>>> Mike wrote:
>>>> "Jerry Stuckle" wrote in message
>>>> news:h8KdnSRlZdvUMw7anZ2dnUVZ_hninZ2d@comcast.com...
>>>>> Mike wrote:
>>>>>> "Jerry Stuckle" wrote in message
>>>>>> news:ePmdnYBeD6PdOA7anZ2dnUVZ_q3inZ2d@comcast.com...
>>>>>>> Mike wrote:
>>>>>>>> I have a project i am not sure how to achieve the desired results.
>>>>>>>> I need some advice/direction if anyone can help.
>>>>>>>>
>>>>>>>> I have a domain name. Under that domain lots of individual
>>>>>>>> websites:
>>>>>>>>
>>>>>>>> ??????.com
>>>>>>>> ??????.com/website1
>>>>>>>> ??????.com/website2
>>>>>>>> ??????.com/website3
>>>>>>>>
>>>>>>>> 1) The domain home page has a login screen. Depending on the
>>>>>>>> username and password the user is taken to the relavent website
>>>>>>>> index page.
>>>>>>>> This would all work fine i could specifiy the user/password and
>>>>>>>> corresponding website directory in a mysql table
>>>>>>>>
>>>>>>>> THE DILEMA - The websites are large and always being updated
>>>>>>>> therefore i cannot add corresponding (session) php code to every
>>>>>>>> html webpage within the websites. Therefore how can I stop a user
>>>>>>>> copying and pasting a external link to one of these pages or files
>>>>>>>> located within the website i.e. by passing the login.
>>>>>>>>
>>>>>>>> Any ideas?
>>>>>>>> TIA
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>> You can't. If a page doesn't check to see if the user is logged in,
>>>>>>> there is no way you can prevent someone from directly linking to
>>>>>>> that page.
>>>>>>>
>>>>>> Jerry
>>>>>>
>>>>>> Is there not a way to somehow restrict by folder. i.e. sessions
>>>>>> which are related to the folder and not the files within?
>>>>> Only if you're using HTTP authentication - which is different than
>>>>> what you're talking about. HTTP authentication is where you get the
>>>>> popup from your browser asking for your userid and password.
>>>>>
>>>>
>>>> I did look at this first but was told this cannot be done.
>>>> Keep in mind i need central login screen. I don't believe with normal
>>>> HTTP authentication i can specifiy which directory to take the user
>>>> to. Hence why i needed PHP/Mysql to specify the path
>>>> The server is Win2003, IIS.
>>>>
>>>> I'm stuck :(
>>>>
>>>>
>>>>
>>>>
>>> You can specify the directory(s) or files which are protected in IIS.
>>> But you can't use your central login screen for http authentication.
>>>
>>
>>
>>
>> That's right hence my use of php for the login. Am i right in thinking
>> what i am trying to do is not possible.
>
> That's the first thing I said.
>
> --
>
You Did. Thank you for taking the time to reply Jerry. It's appreciated
Re: Ideas how to achieve this?
am 21.01.2008 08:45:11 von David Quinton
On Sun, 20 Jan 2008 14:59:42 -0000, "Mike" wrote:
>THE DILEMA - The websites are large and always being updated therefore i
>cannot add corresponding (session) php code to every html webpage within the
>websites.
auto_prepend using .htaccess?
--
Locate your Mobile phone:
Great gifts: