Can anyone please help me with my problem. I had posted this one already but no one had given me the right solution.


I have a menu named "CrimeMapping Administration" and was linked to "http://proxyserver/crimemapping" it can only be viewed when you are logged as administrator in XOOPS and it works fine but the problem goes here when I typed thehttp://proxyserver/crimemapping in the address bar it shows the whole page meaning even though you are not logged in as administrator you can still view it by typing the exact URL whta can I do enable to protect this page?

Here is the script:

<html>
<head>
<title>Muntinlupa Crime Mapping System - Index</title>
</head>
<frameset rows="78,*,50" cols="*" framespacing="0" frameborder="yes" border="0">
<frame src="HTMLSERVICES/top.htm" name="topFrame" scrolling="NO" noresize >
<frameset cols="*,215,0" framespacing="0" frameborder="NO" border="0" bordercolor="#999999" marginwidth="0" marginheight="0">
<frame src="HTMLSERVICES/map.htm" name="mapframe" noresize scrolling="no" bordercolor="#FFCCFF" frameborder="yes" marginheight="1" marginwidth="1">
<frame src="HTMLSERVICES/intro.htm" name="controlframe" scrolling="auto" noresize marginwidth="0" marginheight="0">
<frame src="HTMLSERVICES/dummy.htm" name="dummy" scrolling="yes" noresize>
</frameset>
<frame src="HTMLSERVICES/bottom.htm" name="bottomFrame" scrolling="NO" noresize>
</frameset>
<noframes><body>
</body></noframes>
</html>

Can anyone help me here?

What you're asking is a solution to the following problem: you want to use group access functions for something outside the XOOPS script. Unless the script you use is ported to the XOOPS platform as a module, and the group access functions are added to that, protecting the page using the group access functions is virtually impossible. At least, not without some advanced programming, which isn't easily implemented (which, judging by your posts, is something you are asking).

There are other ways to protect access to a file/folder (like using .htaccess and .htpassword), but they are outside the XOOPS group access controls, so even members will have to log in using that again.

Herko

Yes, the script is still in the XOOPS I had clone the templates and edit the mainmenu.html

------------------------

<{if !$xoops_isadmin}><a class="menuMain" href="http://proxyserver/crimemapping/index_view.htm">CrimeMapping</a><{/if}>


<{if $xoops_isadmin}>
<a class="menuMain"> <a href="http://proxyserver/crimemapping" target="_self" onClick="MyWindow=window.open('http://im-server/muntinlupa/','MyWindow','toolbar=no,location=no,directories=no,status=no,menubar=no,scrollbars=no,resizable=no,width=1024,height=768'); return false;"> CrimeMapping Administration</a>
<{/if}>

</td>
</tr>
</table>

This one is very successful but if someone just type the exact URL on the browser the linkhttp://proxyserver/crimemapping can be viewed w/o logging anymore to ther site.

.htaccess can only be used in Apache? I've been using IIS how can I protect the folder or the file?

It is possible in IIS too to use .htaccess but the code may be different from the code under apache.

I would like to help you get more info about IIS .htaccess commands if you cannot find out yourself using search on google or if someone on xoops.org knows how .htaccess works under IIS. Yet, it will take some time before I can detach myself from my work at the office .

Martijn