[users@httpd] php & security per page per user

[JC <hi...@ee.ucr.edu>]

Hi everyone,

I'm trying to develop an internal website that requires security for 
specific page per specific user.

For example:

I have page1.php, page2.php, page3.php, and page4.php.

I also have user1, user2, user3, and userx.  Each user has his/her own 
password.

Now, user1 and user2 can only access page2.php and page4.php, but no other 
page.  user3 can only access page2.php and page3.php.  userx can only 
access page1.php.

Is there an easy way to implement this?

I plan to use apache & mysql for this project.  I also plan to use table 
to store users, passwords, and page, but I'm not sure what's the best way to 
accomplish this.

Thank you very much for any suggestions or comments.
JC

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] php & security per page per user

[Gerry Danen <gd...@gmail.com>]

I have learned a lot from looking at scripts from hotscripts.com and
from phpBB. You may want to start there.

Check out http://www.hotscripts.com/ but be aware that not every
submission is a solid and secure program.

Gerry

On 12/28/05, JC <hi...@ee.ucr.edu> wrote:
> Hi everyone,
>
> I'm trying to develop an internal website that requires security for
> specific page per specific user.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

RE: [users@httpd] php & security per page per user

[Yanbin Ma <ym...@competitrack.com>]

Try this:

<LocationMatch /restricted_url>
AuthType Basic
AuthName "admins only"
AuthUserFile /your_path/your_user_pass_file.pass
Require user mini_me
Order Allow,Deny
Allow from 10.0.10.7
</LocationMatch>

================
Yanbin Ma


-----Original Message-----
From: JC [mailto:hiep@ee.ucr.edu] 
Sent: Wednesday, December 28, 2005 4:39 PM
To: Apache Users
Subject: [users@httpd] php & security per page per user

Hi everyone,

I'm trying to develop an internal website that requires security for 
specific page per specific user.

For example:

I have page1.php, page2.php, page3.php, and page4.php.

I also have user1, user2, user3, and userx.  Each user has his/her own 
password.

Now, user1 and user2 can only access page2.php and page4.php, but no other 
page.  user3 can only access page2.php and page3.php.  userx can only 
access page1.php.

Is there an easy way to implement this?

I plan to use apache & mysql for this project.  I also plan to use table 
to store users, passwords, and page, but I'm not sure what's the best way to

accomplish this.

Thank you very much for any suggestions or comments.
JC

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org




---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org