I think you want the user to browse thru the directories and download a
file.
In this case the only way I see this resolving is to make your own index
list of files. You can create a index.php in every directory the user can
see in which you can do something like:
<?php
require_once('/auth_user.php');
// About the auth_user.php I discused in the earlier post
$path_back="../";
function getFileList(){
...
return $fileList;
}
$files=getFileList();
echo "<a href='".$path_back."'>..</a>"
for ($i=0; $i<sizeof($files);$i++){
echo <a href='".$files[$i]."'>".$files[$i]."</a><br>"
}
?>
Torn the navigation thru directories off.
The only impediment is the fact that you cannot restrict this way the user
to access directly a file if he already getted once.
If you really want to do that you may try this approach but instead of
scanning the files in the directory to have the files, keep the files else
where and submit the links when the user try to download one to another php
file which get them for you if the user was authenticated. The getter should
look like this:
<?php
require_once("/auth_user.php");
function getRealPath($theRelativePath){
return "../a_new_path_added_to_relative_path".$theRelativePath;
}
if(isset($HTTP_GET_VARS['path'])){
header("Location:".getRealPath($HTTP_GET_VARS['path']));
}else{
header("Location:/index.php");
}
?>
Hope this helps
--
-------------------------------------------------
Cristian MARIN - Developer
InterAKT Online (www.interakt.ro)
Tel: +4021 312.53.12
Tel/Fax: +4021 312.51.91
[EMAIL PROTECTED]
"Guru P Chaturvedi" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> Hi Cristian,
>
> Well what wanted to tell u is all the files that i wanna secure are kind
of
> Word Documents, PDFs, .EXEs which users can access. If i use .htaccess
files
> it works fine. But i want to provide a HTML login form. can u now explain
me
> how i can go about... ?
>
> Regards,
> Guru.
>
>
>
> "Cristian Marin" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]
> > Create the authentication form which submit the page to a php ... there
> you
> > verify first if the user and password are ok then you make something
like
> > this:
> >
> > if ($username='ok' && $password='ok')
> > session_start();
> > session_register('username');
> > session_register('id_user');
> > }
> >
> > after this in all protected pages you have to add in first line
something
> > like this:
> > <?php
> >
> > session_start();
> > if (!isset($HTTP_SESSION_VARS['username'])){
> > header("Location:login.php");
> > }
> >
> > //the page code here
> >
> > ?>
> > You may even enter the session_start and if into a different page and on
> top
> > of every page to write :
> > <?php
> > require_once('verify_auth.php');
> >
> > //the page code here
> >
> > ?>
> > and the user will be automatically redirected to the login page if is
not
> > logged in.
> >
> > If is not this the problem explain me what I have miss understood and I
> will
> > send you the exact code. Sorry, I don't have time to read all the
messages
> > in this topic.
> >
> > By
> >
> > --
> > -------------------------------------------------
> > Cristian MARIN - Developer
> > InterAKT Online (www.interakt.ro)
> > Tel: +4021 312.53.12
> > Tel/Fax: +4021 312.51.91
> > [EMAIL PROTECTED]
> > "Guru P Chaturvedi" <[EMAIL PROTECTED]> wrote in message
> > news:[EMAIL PROTECTED]
> > > Hi Neil,
> > >
> > > Well is it basically to collect user name and password from user? What
> > > actually i am looking for is skipping this screen and having the same
> > > functionality thru a HTML form.
> > >
> > > Lemme explain you in details... I have a set of files protected using
> the
> > > Auth Directives. So user's need to provide user name and password to
> > access
> > > these files via browser. Now what i am looking at is using HTML form
to
> > > login like Yahoo! or MSN... but users who login using this method only
> > > should be able to access files. Are there any ways of doing this...
> please
> > > help me out in this regard.
> > >
> > > Thanks in advance,
> > > Guru.
> > >
> > > "Neil Smith" <[EMAIL PROTECTED]> wrote in message
> > > news:[EMAIL PROTECTED]
> > > > Try this. Please note that on windows you *cannot* raise a http auth
> box
> > > > this way (PHP_AUTH_USER is not defined for Apache on windows), so
you
> > will
> > > > need to use this on your live unix Apache/PHP server :
> > > >
> > > > function getUserAuthPW() {
> > > > // If present, set user Authenticate Password box values
> > > > global $_SERVER;
> > > > if (isset($_SERVER["PHP_AUTH_USER"])) {
> > > >
> > $username=safestring($_SERVER["PHP_AUTH_USER"]);
> > > >
> $password=safestring($_SERVER["PHP_AUTH_PW"]);
> > > > return true;
> > > > } else {
> > > > header("WWW-Authenticate: Basic
> > > > realm=\"CaptionKit\"");
> > > > header("HTTP/1.0 401 Unauthorized");
> > > > echo "You must enter a valid login ID and
> > > password
> > > > to access this resource\n";
> > > > exit;
> > > > }
> > > > }
> > > >
> > > > What this does is to check for PHP_AUTH_USER and if it's not
defined,
> > > > raises a 401 error. The client interprets this as a request to enter
> > user
> > > > name & password, and brings up the grey box you see using .htaccess
/
> > > > .htpasswd files. The function safestring just adds slashes if
there
> > are
> > > > characters which need escaping for your database (some people might
> just
> > > > 'addslashes()' but I do a little more first, like trim and
> > > htmlspecialchars).
> > > >
> > > > Cheers - Neil Smith.
> > > >
> > > > Please note : I do not accept email from hotmail, yahoo, AOL or msn
> > > > accounts. All such mail *will* be bounced and deleted without being
> > read.
> > > > Thankyou for your understanding.
> > > >
> > > > At 07:36 16/06/2003 +0000, you wrote:
> > > > >Message-ID: <[EMAIL PROTECTED]>
> > > > >To: [EMAIL PROTECTED]
> > > > >Reply-To: "Guru P Chaturvedi" <[EMAIL PROTECTED]>
> > > > >From: "Guru P Chaturvedi" <[EMAIL PROTECTED]>
> > > > >Date: Mon, 16 Jun 2003 01:16:53 +0530
> > > > >Subject: Re: User Authentication...
> > > > >MIME-Version: 1.0
> > > > >
> > > > >Hi,
> > > > >
> > > > >Any clues...please?!
> > > >
> > >
> > >
> >
> >
>
>
--
PHP Windows Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
