[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Password protecting a file with a dynamic URL

Posted on 2007-08-02
12
Medium Priority
?
203 Views
Last Modified: 2013-12-25
How do you password protect a file with a dynamic url. I need

www.own-designs.com/jess_events/calendar/plans.cgi?active_page=0

to not be password protected, but I need these:

www.own-designs.com/jess_events/calendar/plans.cgi?active_page=1
www.own-designs.com/jess_events/calendar/plans.cgi?active_page=2

to be password protected. I'm using PHP.

Thanks!
0
Comment
Question by:weikelbob
  • 6
  • 4
  • 2
12 Comments
 
LVL 11

Accepted Solution

by:
f_o_o_k_y earned 1000 total points
ID: 19615231
You can for example use something like this:

on each page include password_check.php

in that file you just check if some session variable isset
if not you can redirect to login form
header('Location: login_page.php');

in password_check you can also check if password for this site is required
0
 
LVL 7

Author Comment

by:weikelbob
ID: 19615250
I don't see how to do that because my example used the same file for all 3 links.
0
 
LVL 11

Expert Comment

by:f_o_o_k_y
ID: 19615273
ok
here is example code

<?php

$page_id = $_GET['active_page'];

if($page_id == 1 || $page_id ==2){
    if($_SESSION['some_variable']==''){
            header('Location: login.php');
    }
}

?>

This should put you on wright track.
Best Regards
FooKy
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 7

Author Comment

by:weikelbob
ID: 19615307
That looks great!

Let me apply it.

Thanks!
0
 
LVL 7

Author Comment

by:weikelbob
ID: 19615317
I just noticed that we're talking about a CGI file.

How do I do this?
0
 
LVL 11

Expert Comment

by:f_o_o_k_y
ID: 19615335
And what's the difference ?
I've never used cgi.
But if you can change code of plans.cgi and its written in php so there should be no difference??
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 19615611
why does your plans.cgi not do the authentication?
0
 
LVL 7

Author Comment

by:weikelbob
ID: 19618394
I can't have the public view all of the tabs in plans.cgi.

There is authentification, but if you have access to all tabs in plans.cgi, then you can create calandars.

Here's the link:

http://own-designs.com/jess_events/calendar/plans.cgi?active_tab=0
0
 
LVL 51

Assisted Solution

by:ahoffmann
ahoffmann earned 1000 total points
ID: 19618516
> There is authentification, ..
if you thill have authentication there (in plans.cgi), it should be simple to check if the (authenticated) user is allowed for that tab
0
 
LVL 7

Author Comment

by:weikelbob
ID: 19620787
I misunderstood.

It only checks for a password if you add an event.

I need it to check for a password when they click on a tab.
0
 
LVL 11

Expert Comment

by:f_o_o_k_y
ID: 19622852
OK. I see what you want to do.

Now I have a question for you.
Can you change the code of plans.cgi?

If yes you must find the function which is responsible for adding new event (not displaying but this which is adding everything to database.
Then you must find function which is responsible for password checking
(tip try looking for $_SESSION['cal_password'] or $_REQUEST['cal_password'] or $cal_password)

after that you can create a page login.php with form and one password input box. after submit you must check entered password with founded function and if its correct you can set $_SESSION['authenticated'] = true;

then on palns.cgi on the top of source page do as I showed in previous post to check if the session variable is set.
remember to use session_start :)

Best Regards
FooKy

Ps. Hope this can help you
0
 
LVL 7

Author Comment

by:weikelbob
ID: 19697956
Thanks guys,

Bob
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article was originally published on Monitis Blog, you can check it here . Today it’s fairly well known that high-performing websites and applications bring in more visitors, higher SEO, and ultimately more sales. By the same token, downtime…
Strategic internal linking is often considered an SEO power technique, especially for content marketing. Do you need to hire an SEO agency to optimize you internal linking? No, this article will help you understand the basics of internal linking and…
The viewer will learn how to dynamically set the form action using jQuery.
The viewer will learn how to count occurrences of each item in an array.
Suggested Courses
Course of the Month18 days, 1 hour left to enroll

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question