473,378 Members | 1,400 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > php > questions > authorization for dummies

Join Bytes to post your question to a community of 473,378 software developers and data experts.

authorization for dummies

I'm working on a mini-micro CMS that amounts to
a semi-automatic page-generation system that allows
authorized users to manipulate an administrative menu.

Once installed, the system is remarkably easy to use,
even for non-html jokies.

Installation is always a bit of adventure.
On linux, mysql is usually but not always available.
If mysql is available, a config file can be edited with a form.
The user might need help from a sys-admin to get the
db-user-name and password.

If mysql is not available (if I could figure out a way to dynamically
test for that) I could fall back on a form that sets up .htaccess and
..htpasswd, so an admin user can gain access to the admin forms.

But htpasswd etc, is only available (isn't this correct?) if the right
stuff has been pre-set in /etc/httpd.conf

If that isn't available, then my installation for dummies goal
has hit a brick wall. What third-tier authorization tricks could
my system try to fall back on, if and only if mysql and .htaccess
has already failed (for the unsophisticated installer).

Aug 30 '07 #1
5 1636
On 30 Aug, 16:08, salmobytes <Sandy.Pittendr...@gmail.comwrote:
I'm working on a mini-micro CMS that amounts to
a semi-automatic page-generation system that allows
authorized users to manipulate an administrative menu.

Once installed, the system is remarkably easy to use,
even for non-html jokies.

Installation is always a bit of adventure.
On linux, mysql is usually but not always available.
If mysql is available, a config file can be edited with a form.
The user might need help from a sys-admin to get the
db-user-name and password.

If mysql is not available (if I could figure out a way to dynamically
test for that) I could fall back on a form that sets up .htaccess and
.htpasswd, so an admin user can gain access to the admin forms.

But htpasswd etc, is only available (isn't this correct?) if the right
stuff has been pre-set in /etc/httpd.conf

If that isn't available, then my installation for dummies goal
has hit a brick wall. What third-tier authorization tricks could
my system try to fall back on, if and only if mysql and .htaccess
has already failed (for the unsophisticated installer).
htaccess is only implemeted on Apache servers, not on IIS for instance.

Aug 30 '07 #2
On Aug 30, 9:19 am, Captain Paralytic <paul_laut...@yahoo.comwrote:
htaccess is only implemeted on Apache servers, not on IIS for instance.
I'm content to let IIs users twist in the wind. Microsoft has been
doing that to everybody else for years....so a every possible bit
of their own medicine is great in my book.

......can php even be installed on IIs?

Aug 30 '07 #3
salmobytes <Sa***************@gmail.comwrote in
news:11**********************@q5g2000prf.googlegro ups.com:

If that isn't available, then my installation for dummies goal
has hit a brick wall. What third-tier authorization tricks could
my system try to fall back on, if and only if mysql and .htaccess
has already failed (for the unsophisticated installer).
you could put a text file with usernames/passwords in a directory above the
www directory, and use PHP to check for that when the person logs in.

if they log in successfully, set a $_SESSION so that you never have to
check it again unless they log out.... and all your subsquent pages should
search to see that your particular $_SESSION is there/valid....
Aug 30 '07 #4
salmobytes <Sa***************@gmail.comwrote in
news:11*********************@q4g2000prc.googlegrou ps.com:
On Aug 30, 9:19 am, Captain Paralytic <paul_laut...@yahoo.comwrote:
>htaccess is only implemeted on Apache servers, not on IIS for instance.

I'm content to let IIs users twist in the wind. Microsoft has been
doing that to everybody else for years....so a every possible bit
of their own medicine is great in my book.

.....can php even be installed on IIs?
yes.

are you really sure you want to let users 'twist in the wind'? you really
don't want your app accessible to everyone possible?
Aug 30 '07 #5
On Aug 30, 9:37 am, Good Man <he...@letsgo.comwrote:
are you really sure you want to let users 'twist in the wind'? you really
don't want your app accessible to everyone possible?
OK, I want to let IIs users twist in the wind, but it's probably not a
good idea.
But I have no idea how to debug IIs without using it, and I don't have
it.
I boot windows to use photoshop and my scanner. That's about it.

....if php is installed on IIs and mysql does not fail, great.
If it does fail, then we know .htaccess will fail too, and I could
try to fall back on the previous directory trick. Then I might have
something that would work on IIs without having to install it.

Aug 30 '07 #6
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

60
Is "C For Dummies" any good?
by: K. G. Suarez | last post by:
Hello everyone. I am new to programming and my uncle gave me a copy of "C For Dummies 2nd Edition". I am up to chapter 9 right now. He probably saw me struggling with "The C Programming...
C / C++
1
Authorization elements in web.config
by: Chris Leffer | last post by:
Hi. I would like to confirm a behaviour in the authorization element from the web.config file. Suppose the following (using Forms authentication): <authorization> <deny users="?" /> <deny...
ASP.NET
9
Detecting Failed Authorization
by: Bijoy Naick | last post by:
I've implemented forms authentication and authorization on my application. In my Web.Config, my authorization section looks like this.. <authorization> <allow roles="admin" /> <deny users="*"...
ASP.NET
1
Authorization
by: Shapper | last post by:
Hello, In my web site I need to restrict the access to page1.aspx, page2.aspx and page3.aspx to users which had login and which access level is "administrator". The remaining pages can be...
ASP.NET
4
Requiring Authorization for a Single Subfolder
by: Johnnie Norsworthy | last post by:
ASP.NET 2.0 How do I configure my web site to require forms authorization only for a subfolder off the root? I know how to set Web.config for forms authentication for the whole site, but I need...
ASP.NET
2
ASP.NET Authorization
by: Water Cooler v2 | last post by:
Is the authorization tag/class in web.config\<system.web> available only for Windows authorization? Does it make sense for Forms based authentication?
Visual Basic .NET
1
authorization problem
by: sonu | last post by:
Mark is creating a website using ASP.NET. He is using Forms authentication for authenticating and authorizing users. He has the following layout of files and directories in his website: Root...
C# / C Sharp
14
Windows Authorization
by: tshad | last post by:
I am trying to set up an intranet at work that will use our Active directory to authorize our users. We also want them to access the site from the outside (such as at home) and also be...
ASP.NET
4
authorization based on url parameters
by: xke | last post by:
Using web.config authorization settings, is it possible to allow my users to access default.aspx but not default.aspx?action=edit ?? <location path="default.aspx"> <system.web> <authorization>...
ASP.NET
0
Wordpress or something else?
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
Content Management Systems
0
One-click Importing Excel Data into a*Database
by: ryjfgjl | last post by:
In our work, we often need to import Excel data into databases (such as MySQL, SQL Server, Oracle) for data analysis and processing. Usually, we use database tools like Navicat or the Excel import...
Microsoft Excel
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Basic Javascript concepts
by: aa123db | last post by:
Variable and constants Use var or let for variables and const fror constants. Var foo ='bar'; Let foo ='bar';const baz ='bar'; Functions function $name$ ($parameters$) { } ...
Javascript
0
Merging data from multiple Excel files
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
Data Management
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!