View Single Post
  #3  
Old 4th November 2005, 22:50
Joe-Montana Joe-Montana is offline
Junior Member
 
Join Date: Oct 2005
Posts: 11
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Thaks again Falko,

Ok itīs maby me that eksplain it a bad way, the php script i have inlcude works fine as long as i include it on a site that i want to protect.


########## www.mysite.dk/user/index.php #######
<?php

//prevents caching
header("Expires: Sat, 01 Jan 2000 00:00:00 GMT");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: post-check=0, pre-check=0",false);
session_cache_limiter();
session_start();

require('../../siteuser/config.php');
require('../../siteuser/functions.php');

if (allow_access(user) != "yes") {
{
include ('../../siteuser/no_access.html');
exit;
}
?>
<HTML>
<HEAD>
<TITLE>mysite</TITLE>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=windows-1251">

</HEAD>
<BODY BGCOLOR=#999999

<iframe src="/user/main.php" frameborder="0" name="main" scrolling="no" height="1000" width="902"></iframe>

</BODY>
</HTML>
################################

My php script checks in my sql database if user is loocked in.

connect to www.mysite.dk you will meet a normal form for user and password, if user is ok it will redirect to www.mysite.dk/user/index.php everything is god and work.


Now ex. if you connect direct to www.mysite.dk/user/index.php it meet the php script i have include, and if you not are loocked ind it will send you to www.mysite.dk. Everything is fine so fare.

The problem is that you can still get access to www.mysite.dk/user/audio.mp3

I would like to put a file in that folder (www.mysite.dk/user/) that no mater what, the server will read that file first and in that file i will include my php script.

Hobe You understand, and sorry about my spelling

/Joe
Reply With Quote