Posted by Mike on 01/21/08 03:13
"Jerry Stuckle" <jstucklex@attglobal.net> wrote in message
news:D5WdnWtQ-spkYg7anZ2dnUVZ_tbinZ2d@comcast.com...
> Mike wrote:
>> "Jerry Stuckle" <jstucklex@attglobal.net> wrote in message
>> news:KrmdnUztqsQrTA7anZ2dnUVZ_urinZ2d@comcast.com...
>>> Mike wrote:
>>>> "Jerry Stuckle" <jstucklex@attglobal.net> wrote in message
>>>> news:h8KdnSRlZdvUMw7anZ2dnUVZ_hninZ2d@comcast.com...
>>>>> Mike wrote:
>>>>>> "Jerry Stuckle" <jstucklex@attglobal.net> wrote in message
>>>>>> news:ePmdnYBeD6PdOA7anZ2dnUVZ_q3inZ2d@comcast.com...
>>>>>>> Mike wrote:
>>>>>>>> I have a project i am not sure how to achieve the desired results.
>>>>>>>> I need some advice/direction if anyone can help.
>>>>>>>>
>>>>>>>> I have a domain name. Under that domain lots of individual
>>>>>>>> websites:
>>>>>>>>
>>>>>>>> ??????.com
>>>>>>>> ??????.com/website1
>>>>>>>> ??????.com/website2
>>>>>>>> ??????.com/website3
>>>>>>>>
>>>>>>>> 1) The domain home page has a login screen. Depending on the
>>>>>>>> username and password the user is taken to the relavent website
>>>>>>>> index page.
>>>>>>>> This would all work fine i could specifiy the user/password and
>>>>>>>> corresponding website directory in a mysql table
>>>>>>>>
>>>>>>>> THE DILEMA - The websites are large and always being updated
>>>>>>>> therefore i cannot add corresponding (session) php code to every
>>>>>>>> html webpage within the websites. Therefore how can I stop a user
>>>>>>>> copying and pasting a external link to one of these pages or files
>>>>>>>> located within the website i.e. by passing the login.
>>>>>>>>
>>>>>>>> Any ideas?
>>>>>>>> TIA
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>> You can't. If a page doesn't check to see if the user is logged in,
>>>>>>> there is no way you can prevent someone from directly linking to
>>>>>>> that page.
>>>>>>>
>>>>>> Jerry
>>>>>>
>>>>>> Is there not a way to somehow restrict by folder. i.e. sessions
>>>>>> which are related to the folder and not the files within?
>>>>> Only if you're using HTTP authentication - which is different than
>>>>> what you're talking about. HTTP authentication is where you get the
>>>>> popup from your browser asking for your userid and password.
>>>>>
>>>>
>>>> I did look at this first but was told this cannot be done.
>>>> Keep in mind i need central login screen. I don't believe with normal
>>>> HTTP authentication i can specifiy which directory to take the user
>>>> to. Hence why i needed PHP/Mysql to specify the path
>>>> The server is Win2003, IIS.
>>>>
>>>> I'm stuck :(
>>>>
>>>>
>>>>
>>>>
>>> You can specify the directory(s) or files which are protected in IIS.
>>> But you can't use your central login screen for http authentication.
>>>
>>
>>
>>
>> That's right hence my use of php for the login. Am i right in thinking
>> what i am trying to do is not possible.
>
> That's the first thing I said.
>
> --
>
You Did. Thank you for taking the time to reply Jerry. It's appreciated
[Back to original message]
|