Posted by Rik on 10/24/06 02:52

laredotornado@zipmail.com wrote:
> Thanks, Rik. This is the solution I'll pursue. But I have one follow
> up question. What does "accesscontrol.php" return upon successful
> authentication and upon authentication failure?
>


$logged_in = your_own_code();
if(!$not_logged_in){
header('HTTP/1.0 401 Unauthorized');
exit;
}
$path = parse_url($_GET['file'],PHP_URL_PATH);
$file = dirname(__FILE__).'/'.$fake_url['path'];
if(!is_file($file){
header("HTTP/1.0 404 Not Found");
exit;
}
$ext = pathinfo($file,PATHINFO_EXTENSION);
if(strcasecmp($ext,'php') || strcasecmp($ext,'html'){
include($file);
exit;
}
$ext_mime = array(
'jpg' => 'image/jpeg',
'pdf' => 'application/pdf',
etc...);
header('Content-type: '.$ext_mime[$ext]);
readfile($file);

--
Rik Wasmus

• Next in forum: Re: return values
• Prev in forum: Re: How do I auto-login to a protected site?
• Thread view: Re: Simplest scheme for password protection?

[Reply to this message]