John Coggeshall wrote: > Hey all.. > > I've got a question -- I'd like to restrict access to entire directories > based on if the user has been authenticated or not. Basically, I'd like > to set up a auto-include *FROM APACHE* to run a PHP script prior to > sending any documents what-so-ever and only send the requested document > if the PHP script allows it. So.. > > Request Made -> PHP Script Runs -> PHP Checks Authentication -> PHP says > OK -> Apache sends file normally > > Or.. > > Request Made -> PHP Script Runs -> PHP Checks Authentication -> PHP says > NO -> Apache stops dead in it's tracks or displays a HTTP error > > Is this possible? It has to work for any document or MIME type and be > restrictable by directory... (i.e. I just want this happening in a > /secure/ directory) > > John >
Not sure if you'll be able to do that, because PHP won't run unless Apache calls it. It wouldn't call the PHP interpreter unless it's a PHP file type (.php associated with 1 application type, jpg associated with a MIME type, etc). Two things spring to mind: 1. Do you mean 'authenticated' as in 'Apache-level' authentication, or PHP-level authentication? 2. If you need to have every request go through PHP, perhaps a URL rewriting solution would work - everything it rewritten to go through PHP, then it can decide whether to 'pass thru' the file or display an error message. Michael Kimsal http://www.phphelpdesk.com 734-480-9961 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php