I have a directory with files (of various formats) contained within a
website which uses PHP to control user access via session variables. I would
like to protect the directory from direct external linking (e.g. prevent
people typing "http://www.mysite.com/protected-directory/file.doc" into the
address bar for example), so that users must log on to the website first to
gain access to them. Currently, I've used a .htaccess file, but this
requires the users to enter an additional password, which is a hassle. I'd
like to be able to pass the htaccess username and password directly to the
server using a script embedded in a PHP file, but since Microsoft have
prevented the use of username/password combinations within the URL in IE,
this method is no longer viable. Can anyone suggest an alternative solution
or a way around the http authentication problem?
Cheers,
J
--
-----Personal Disclaimer--------
Thanks to the explosion of abuse of email on the 'net,
I have taken to adding this disclaimer to all email. It's
not a legal statement, just a form of insurance. If you
get a message that appears to be from me, but it doesn't
have this disclaimer at the bottom, please treat it as
spam, as it has not originated from me.
-----End Disclaimer------