Programming C, C++, Java, PHP, Ruby, Turing, VB
Computer Science Canada 
Programming C, C++, Java, PHP, Ruby, Turing, VB  

Username:   Password: 
 RegisterRegister   

 WikiWiki   BlogBlog   SearchSearch   TuringTuring   Chat Room  MembersMembers 
 .htacess
Index -> Programming, PHP -> PHP Help
View previous topic Printable versionDownload TopicSubscribe to this topicPrivate MessagesRefresh page View next topic
Author Message
nonamedude
PostPosted: Wed May 25, 2011 2:17 pm   Post subject: .htacess
Hey guys,

I want to prevent users who dont have a link to a certain file from accessing it.
So far I have tried doing this,

<files delete_comments.php>
order allow,deny
deny from all
</files>

So when I do this, it blocks all users even if they have a link to it. So I am just wondering what I have to put in my htaccess file so that users that do not have a link to delete_comments.php cannot access it.
Sponsor
Sponsor
Sponsor
sponsor
Amailer
PostPosted: Wed May 25, 2011 2:32 pm   Post subject: RE:.htacess
Are you trying to stop hotlinking?
http://altlab.com/htaccess_tutorial.html

I assume that's the case, otherwise I'm a bit confused. If someone does not have a link to a file; how can they access it in the first place (they don't know it exists)?
nonamedude
PostPosted: Fri May 27, 2011 10:14 am   Post subject: Re: .htacess
If the people who do not have a link to the file, they can find links in my source code by pressing "view source code". I just want to prevent people from browsing using URL's. Is there a way to do this?
Tony
PostPosted: Fri May 27, 2011 10:35 am   Post subject: RE:.htacess
How is the link from the source file different from the link obtained else-how?
Latest from compsci.ca/blog: Tony's programming blog. DWITE - a programming contest.
Amailer
PostPosted: Fri May 27, 2011 10:37 am   Post subject: RE:.htacess
I assume this is an AJAX request to the delete_comment.php correct?

If so check out:
http://www.electrictoolbox.com/how-to-tell-ajax-request-php/

[Edit] Check out http://stackoverflow.com/questions/3466802/deny-ajax-file-access-using-htaccess for a possible .htaccess solution
nonamedude
PostPosted: Fri May 27, 2011 11:05 am   Post subject: Re: .htacess
"How is the link from the source file different from the link obtained else-how?"

Meaning that on my website, certain users have certain privleges. Those who have the highest priveleges have a link to acess to the delete_comment.php. So they can actually acess the file through the website, and not by changing the URL.
nonamedude
PostPosted: Fri May 27, 2011 11:06 am   Post subject: Re: .htacess
And I am not using ajax to delete comments, it is just reloading the entire page again.
Tony
PostPosted: Fri May 27, 2011 11:13 am   Post subject: RE:.htacess
Typically delete_comment.php would check if the current user is logged in and has proper privileges. If so, proceed; else return.
Latest from compsci.ca/blog: Tony's programming blog. DWITE - a programming contest.
Sponsor
Sponsor
Sponsor
sponsor
Display posts from previous:   
   Index -> Programming, PHP -> PHP Help
View previous topic Tell A FriendPrintable versionDownload TopicSubscribe to this topicPrivate MessagesRefresh page View next topic

Page 1 of 1  [ 8 Posts ]
Jump to:   


Style:  
Search:


You can syndicate this boards posts using the file backend.php or view the topic map using sitemap.php.

Terms of Use | Privacy Policy