Re: Protecting directories [XOOPS general usage questions] - XOOPS Web Application System

XOOPS

Forum

Forum Index General Forums Community Support Modules Support Themes Support Development International Support Module Hack Reviews Theme Designer Talk

1

Protecting directories

2007/2/20 14:45
linusthand
Just popping in
Posts: 4
Since: 2006/10/27

I notice that non-PHP contents under the XOOPS root directory are not protected in any way, at least not in my configuration (perhaps I have done something wrong). For instance, I were to create a module which had some non-PHP files in it, say text files, which were used by the module, those would be readable by everybody, even if I restrict the module to registered users. The same is true for /uploads/. Sure, I can make directories non-listable, but that doesn't restrict access to the files per se. Is there anyway of doing this, or is this just the way things are?

Regards,
Linus

2

Re: Protecting directories

2007/2/20 17:47
Dave_L
XOOPS is my life!
Posts: 2277
Since: 2003/11/7

If you're using Apache, and its configured to allow .htaccess files, you can add an .htaccess file to a directory with contents:

Deny from all

3

Re: Protecting directories

2007/2/20 19:54
teibaz
Not too shy to talk
Posts: 103
Since: 2004/6/13

Yeah, create .htaccess file as it was mentions before OR create empty index.php file in that directory

:.. RED HOT CHILI PEPPERS Lithuanian fan club ..:

4

Re: Protecting directories

2007/2/20 19:58
Dave_L
XOOPS is my life!
Posts: 2277
Since: 2003/11/7

An empty index.php will prevent listing a directory's contents, but will not prevent access to files in the directory if the user knows or guesses their names.

5

Re: Protecting directories

2007/2/22 15:11
linusthand
Just popping in
Posts: 4
Since: 2006/10/27

Thanks, .htaccess is a good idea. But this means that I make all non-php content completely unavaliable, and have to route it through a php file to present it. What if I have text files or images or whatever in the directory, and would like people to access them but only if they have logge in? Is that possible?

6

Re: Protecting directories

2007/2/22 15:56
wizanda
Home away from home
Posts: 1585
Since: 2004/3/21

You can add the index.html file with

<script>history.go(-1);script>

Will make it only people with the correct url can access the file, may help

Oneness - True Faith

7

Re: Protecting directories

2007/2/27 23:05
jesphoto
Just popping in
Posts: 27
Since: 2007/1/26

If you have a hosting service you can password protect dir.
In xoops:
Create bloc and from block call that dir.
"Name"
works

Login

Username

Password

Remember me

Register now! | Lost Password?

Search

Advanced Search

Recent Posts

XOOPS MyMenus 1.54.0 Beta 10

11/18 11:08 Mamba
Re: XOOPS MyMenus 1.54.0 Beta 7

11/18 11:06 Mamba
Re: XOOPS MyMenus 1.54.0 Beta 7

11/16 12:32 liomj
Re: XOOPS MyMenus 1.54.0 Beta 7

11/15 18:06 Mamba
Re: XOOPS MyMenus 1.54.0 Beta 7

11/15 5:33 liomj
Re: XOOPS MyMenus 1.54.0 Beta 7

11/15 5:29 liomj
Re: XOOPS MyMenus 1.54.0 Beta 7

11/15 4:39 Mamba
Re: XOOPS MyMenus 1.54.0 Beta 7

11/15 3:50 liomj
Re: XOOPS MyMenus 1.54.0 Beta 7

11/15 3:31 Mamba
Re: XOOPS MyMenus 1.54.0 Beta 7

11/15 1:48 Mamba

Who's Online

307 user(s) are online (245 user(s) are browsing Support Forums)

Members: 0

Guests: 307

Donat-O-Meter

Stats
Goal:	$100.00
Due Date:	Nov 30
Gross Amount:	$0.00
Net Balance:	$0.00
Left to go:	$100.00

Latest GitHub Commits

{{ record.sha.slice(0, 7) }} - {{ record.commit.message | truncate }}

{{ record.commit.author.name }} {{ record.commit.author.date | formatDate }}