Hello Everyone,
I'm somewhat new to PHP. I've read quite a bit of material and have a background
with perl and Apache and Linux.
Let me explain my situation.
- Fedora Core 3 with Apache 2 and PHP
- Using SSL.
- Each Directory under $_SERVER['DOCUMENT_ROOT'] is an NFS mounted directory
(read only).
- The directories may contain various numbers of subdirectories
- New directories may be created by various individuals
- The application data being stored can be accessed by an application created
.htm file.
- The .htm file created by the application always has the same name.
My goals are:
- provide encrypted connection
- provide security for each directory (and sub-directory) under
$_SERVER['DOCUMENT_ROOT'].
- Find all files with a .htm suffix by recursively going through all
sub-directories.
- Create links for each .htm file on a single page.
- Use parent directory of each .htm file (since there will be only one) as the
name of the link to the file
- Prevent displaying of other directories under $_SERVER['DOCUMENT_ROOT']
- Single Sign page for all customers
- Each user will only have access to one directory under
$_SERVER['DOCUMENT_ROOT']
- Authentication process should move customer to appropriate directory under
$_SERVER['DOCUMENT_ROOT']
What I've done so far:
First, let me state that some of the requirments weren't initially present when
the design started...
- The server has been set up with SSL and is working properly
- The SSL site goes to $DOCUMENT_ROOT (which is currently a blank index.htm)
file, preventing users from drilling down
- Each site is currently configured to use Apache Digest Authentication. My
experience with PHP site design comes from the book 'PHP and MySQL Web
Development' which mainly dealt with web sites as Applications (e-commerce,
blog, etc) and not from a file system stand point. Most was object oriented with
includes and what not which would require pages in every subdirectory under the
DOCUMENT_ROOT in order to comply with the application design. Having a solution
to require this would not be practical; however I'm not sure if there's another
way to approach. By using the Digest Authentication I know that the Directories
in the realm would be covered...
- My original index.php script (that I need to debug as it's not working yet)
was designed to be placed in each respective directory directly under
DOCUMENT_ROOT. The script, hopefully, will go through each directory, find out
what files are directories or files. If it's a file I'm trying to push basename
(but needs to get the directory name it resides instead) and the URL if the file
suffix ends with .htm. If it's a directory, it should push the directory to an
array. Calling a function in a while loop and shifting the array should
recursively take me through all subdirectories. The end result should be a table
on the index file that the user's would be able to click on to take to the .htm
file. Right now I'm having a problem with my foreach statement...
What's needed:
- Simple but effective. It's not going to be feasible to add a lot of .php files
to subdirectories. These directories are really working directories so this is a
headache. There are more that just .htm files. That is not the problem. Just
don't want the people to have to dig down.
-A single sign-on would be great. Each user only needs to access one directory
under DOCUMENT_ROOT. I know that SSL uses the IP address and I can't break up
the SSL into multiple virtual hosts so I can't do that. The security must
provide protection from somebody trying to get in from a subdirectory
From my limited knowledge of PHP, I would think that creating a solution to
support this would take some time. But like I said I sure don't know everything.
If anyone has any suggestions (and estimations of time it would take) I would
appreciate it.
Thanks,
James
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
