|
Posted by Charles Hamel on 04/06/05 19:02
"Duncan Hill" <dhill+php@cricalix.net> wrote in message
news:200504061633.44950.dhill+php@cricalix.net...
> On Wednesday 06 April 2005 16:23, Charles Hamel typed:
>> Hi
>>
>> I am bulding a secure intranet.(php, mysql, apache)
>> I am using a session and Mysql to handel the user accounts. Everythying
>> works fine with that.
>>
>> The client now needs to share word/pdf document with the registered user.
>> I
>> created a secure directory using .htaccess for this purpose and it works
>> as
>> well .... the user are promt to enter a username password.
>
>> I was expecting this to work ...
>> http://username:password@www.domain.com/safeDir/Word.doc but it isn't.
>
> IE dropped support (or severely neutered it) for username:password in URLs
> a
> while back.
>
> One way to handle this is to write a wrapper script that accepts the file
> name
> as a parameter. The script verifies that the user is allowed to access
> the
> file, and sends back the file with appropriate content type etc. Files
> can
> then be stored outside of the document root, preventing access even if you
> guess the file name.
Can you provide a little more infos about wrapper scripts ... first time
earing about this expession.
Can this script be written in php ... or it is some kind of cgi? Any
exemple online of these type of script that a could study to make my own?
Thanks
Charles
Navigation:
[Reply to this message]
|