Posted by seajay on 04/09/06 23:29

hello,

To resolve your problem you need to implement Session Management
After the user is authenticated through a username and password, a
session
is created.

Every time a file is requested the session is checked for validaty, if
the session
is still valid the file can be viewed.

This process forbids a user from accessing files by putting their names
in the browser

As for access to images, you will need a PHP script to send the actual
image.
e.g showimage.php?imgid=5
Images are stored outside htdocs folder so users won't be able to
access them.
showimage.php will fetch the image based on its id.

Here's a simple tutorial for Session Management
http://www.webmonkey.com/webmonkey/00/05/index2a.html?tw=programming

If you have any specific question don't hesitate to reply.

Seajay

• Next in forum: Re: Help with oci_result()
• Prev in forum: Anyone managed to upgrade from php-4.2 to 4.3 on Redhat9
• Thread view: Re: php authentication

[Reply to this message]