XOOPS 
Forum
Forum Index General Forums Community Support Modules Support Themes Support Development International Support Module Hack Reviews Theme Designer Talk
  1. Board index / 
  2. XOOPS Community Support forums / 
  3. Q and A 
  4.  / Prevent direct using the url address to view folder
Register
1
kentchig
Prevent direct using the url address to view folder

  • 2009/1/9 17:05

  • kentchig

  • Just popping in

  • Posts: 3

  • Since: 2008/4/24


Dear Anyone,

I think we should know that XOOPS can manage different user groups to use different modules. However, I have found problem that some people can use the url address to go the folder to view files directly.

For example,

1. My address ishttp://test.org/xoops
2. The photos are stored at folderhttp://test.org/xoops/uploads/
3. XOOPS could manage different users to go the photo gallery and view photo.
4. However, someone could use the the link:http://test.org/xoops/uploads/ to view the all photos inside the folder.

My question is how to avoid someone to use the linkhttp://test.org/xoops/uploads/ to view all the photo.

Thank you for your help.


2
Mamba
Re: Prevent direct using the url address to view folder

  • 2009/1/9 18:57

  • Mamba

  • Moderator

  • Posts: 11366

  • Since: 2004/4/23


You should have a "index.html" file in your /uploads directory, with the following code inside:

<script>history.go(-1);</script>


Some servers also have an option to generate an error if somebody is trying to view a directory w/o a "index.html" file in it.
Support XOOPS => DONATE
Use 2.5.10 | Docs | Modules | Bugs
3
kentchig
Re: Prevent direct using the url address to view folder

  • 2009/1/10 3:31

  • kentchig

  • Just popping in

  • Posts: 3

  • Since: 2008/4/24


Dear Mamba,

Thank you for your help. May I have one more question. If someone knows the link with full path. e.g.:http://test.org/xoops/uploads/20081231.jpg, he may still use the full path link to view the file. Do you have any ideas to avoid it.

Thank you for yr help again.

Cheer.

Kent
4
Mamba
Re: Prevent direct using the url address to view folder

  • 2009/1/10 6:06

  • Mamba

  • Moderator

  • Posts: 11366

  • Since: 2004/4/23


I'm sure that there are many methods to do so. A simple one is to move the files to a private directory outside of your Root, so they are only being accessed by XOOPS.

Support XOOPS => DONATE
Use 2.5.10 | Docs | Modules | Bugs
5
kentchig
Re: Prevent direct using the url address to view folder

  • 2009/1/11 15:48

  • kentchig

  • Just popping in

  • Posts: 3

  • Since: 2008/4/24


Thank you

Login

Register now!  |  Lost Password?

Search

Advanced Search

Recent Posts

Who's Online

276 user(s) are online (164 user(s) are browsing Support Forums)

Members: 0

Guests: 276

more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: May 31
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits