restricting access to binaries via php? [message #6799] |
Thu, 24 October 2002 21:06 |
Olliver
Messages: 443 Registered: March 2002
Karma:
|
Senior Member |
|
|
Hi,
title may be a bit misleading but the following idea stands behind it. I want to create a small page for a friend of mine which stores within a directory presentations in .swf format. Only authorized persons should get access to these files. Problem is, that my friend wants to have a login form and not the .htaccess triggered password prompt by the browser. Documents don't seem to be a problem, thought about an authentification scheme using crypt() for the passwords. Then I only need to include the authorization scheme in each document, read the cookiefile I set and that's it. But what to do with that shockwave files? They still can be accessed from outside if the url is known to someone, guess that would have been the part where the Apache authorization scheme kicks in.
Is there a way to realize it just using php? encrypting passwords and comparing the result with the ones in the .htpasswd file does not work because apache crypt and php crypt have different results so the strings compared would be always false.
Maybe messing around with mod_rewrite rules could help, but I've never done it before. any hints would be appreciated, try to figure it out on my own then
bye
Ken
|
|
|