Jul 24, 2008

How To Redirect - Not as simple as it sounds
Free Web Hosting, No Ads > CONTRIBUTE > Computers > Programming Languages > HTML, XML etc..

free web hosting

How To Redirect - Not as simple as it sounds

SNiped
May 30 2007, 08:36 AM
I am currently doing a small prjoect for a group. We have the main website sorted out but the guys want a site where they can put there funny pictures, a forum and general stuff that we dont want the public seeing. I looked at paying for a secure area on our hosting but we did not want to have to pay more than we already were as it is not being hosted with trap17.

SO i came to the conclusion of using a simple password page, and redirects. Is there anyway of redirecting users who have not first entered the correct password.

Ill try to explain in a bit more detail. Say my page gets a hit from google or a direct link to a certain page, is there a way of redirecting them back to the password page so they have to enter it, but once they enter it they are free to use the pages but they cant link straight to them.

Say you link to this page from some other site, it redirects you to the frontpage where the password is, you enter the correct password and can look at the pages inside but only if you have entered the password and you can only follow the links on the page no links from outside.

This might sound confusing but at the moment i have only found one site where they have something like this. It does not allow you to go straight to a page must go through the main page first. If you care to see what i mean here is the site Runescape redirect It is the url of a server but redirects you back to the homepage, then only if you go through the frontpage can you enter the server.

Cheers for any help you can provide.
MArtin

 

 

 


Reply

jlhaslip
May 30 2007, 09:25 AM
Yes, there is a method to do this. You would need some php scripting and quite likely sessions or cookies to keep track of those users that are allowed to access the page.

When the page is requested, check for the presence of a session id, if none exist, go to the password page. In the password page, ask for the username and password, if acceptable, set a session-id. If a session-id exists, allow access to the page, else re-direct to the password page.

See if this makes any sense to you:

CODE
session_name ('YourVisitID');
session_start(); // Start the session.

// If no session value is present, redirect the user.
if (!isset($_SESSION['agent']) OR ($_SESSION['agent'] != md5($_SERVER['HTTP_USER_AGENT'])) ) {

    // Start defining the URL.
    $url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']);
    // Check for a trailing slash.
    if ((substr($url, -1) == '/') OR (substr($url, -1) == '\\') ) {
        $url = substr ($url, 0, -1); // Chop off the slash.
    }
    $url .= '/index.php'; // Add the page.
    header("Location: $url");
    exit(); // Quit the script.
}


Read about sessions at the php.net site. http://php.net/

 

 

 


Reply

SNiped
May 30 2007, 03:18 PM
QUOTE(jlhaslip @ May 30 2007, 10:25 AM) *
Yes, there is a method to do this. You would need some php scripting and quite likely sessions or cookies to keep track of those users that are allowed to access the page.

When the page is requested, check for the presence of a session id, if none exist, go to the password page. In the password page, ask for the username and password, if acceptable, set a session-id. If a session-id exists, allow access to the page, else re-direct to the password page.

See if this makes any sense to you:

CODE
session_name ('YourVisitID');
session_start(); // Start the session.

// If no session value is present, redirect the user.
if (!isset($_SESSION['agent']) OR ($_SESSION['agent'] != md5($_SERVER['HTTP_USER_AGENT'])) ) {

    // Start defining the URL.
    $url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']);
    // Check for a trailing slash.
    if ((substr($url, -1) == '/') OR (substr($url, -1) == '\\') ) {
        $url = substr ($url, 0, -1); // Chop off the slash.
    }
    $url .= '/index.php'; // Add the page.
    header("Location: $url");
    exit(); // Quit the script.
}


Read about sessions at the php.net site. http://php.net/

Thank you very much. Now just to work out that in english. PHP was never my strong point. Thanks again for the help, i will play around with this peice of code to work out what to do with it. smile.gif

Reply

SNiped
May 30 2007, 03:35 PM
Just popped back to inform you all that i have tried the PHP one and managed to make a total mess of it. I have figured out i can use javascript to accomplish the same thing.

Reply

elrohir
May 30 2007, 08:21 PM
You could also use the standard Apache (I presume it's an Apache server - I don't know if this works on other servers) http protection. It's slightly harder to manage, but it saves the hassle with the PHP debugging and possible security risks if you aren't completely competent.

Basically, there are two files:
".htaccess" and ".htpasswd"

This is the syntax you want for .htaccess:
CODE
AuthUserFile /full/server/path/.htpasswd
AuthGroupFile /dev/null
AuthName EnterPassword
AuthType Basic

require valid-user


the "AuthUserFile" is where we will store a list of valid users and passwords. The path for this can either be the full server directory from root, or it can be the path from the Apache "DocumentRoot" setting for your site. You can make this by putting
CODE
<?php
echo $_SERVER['SCRIPT_FILENAME'];
?>

in say "dir.php" in the directory that will be protected. When you run it, the script should give you something like "/var/www/asite/protected/dir.php" What you want to put behind "AuthUserFile" should in this case be "/var/www/asite/protected/.htpasswd".

"require valid-user" tells it that it HAS to be a user that is defined). One thing that complicates the whole issue slightly is that the passwords are all encrypted (I forget which algorithm), so you can't change them as easily. I'll get back to that. For now, here's what the password file (.htpasswd) should look like:

CODE
username:ZKGvcl5c9C/uM


There can be as many users in there as you want (just separate every user by a newline). You can make the password with this tool:
http://www.tools.dynamicdrive.com/password/

Enter the user name and password, and it generates the list for you (ignore all the other boxes, they are for the .htaccess file.

And I think that's it. I don't know if it made any sense, but what the hell. It might work tongue.gif
-E

Reply

SNiped
May 31 2007, 09:20 AM
I did look at the .htaccess but i could not work out if it would protect the pages behind the password or not. If you could clear this up it would be handy as i have played with .htaccess before, and it worked (admittidly i was told that they needed htaccess set up and i just did it. HAd no idea if it would work, and still not sure if it worked)

Reply


Got an Opinion! Express your Views! (no registration):-
Add your Reply/ Opinion/ Views/ Comments/ Suggestion/ Questions/ Queries etc.
Posts with decent grammar & English will be accepted and please refrain from profanities.
For asking a Question, We recommend you to sign-up (for free) so that you can track the topic easily.

Nature of your Post*: Opinion/ Reply/ Comments
Question/Query
Feedback to us.
       
Name   Email
Title/Question*

(Maximum characters: 10,000)
You have characters left.
Confirm Code:

Similar Topics

Keywords : redirect, simple, sounds

  1. Redirect Problem
    (6)
  2. 301 Redirect And Bots
    a small doubt (6)
    Hi guys, I am presently developing a website which depends on JavaScript for its design. The
    problem is that some browsers do not JavaScript enabled. So, in case Script cannot be run on the
    browser, I have given a 301 (Meta) Redirect to a page which will tell them to enable the script.
    What about the Search engine bots? Will they undergo the 301 Redirect? Or can they see the
    actual page? Please help. ....
  3. Url Redirection = Javascript+html
    Redirect using scripts! (4)
    In javascript Browser redirection can be done in 3 ways: 1) Alert Redirect: CODE
    <html> <script>     alert("This page has been moved to a new location...
    click OK to be redirected.");     location = "http://www.your-website.com";
    </script> </html> 2) Confirm and Redirect: CODE <html>
    <script>     if(confirm("This page has been moved to a new location... would you
    like to be redirected"))     {   location = "http://www.your-website.com";
        }....
  4. Countdown Till Redirect
    (4)
    ok here is a question: how would i do something that says you will be redirected in 15 seconds and
    then changes the number till the redirection takes place. this is planned for a custom 404 error
    page. im not just asking for the countdown but also how to redirect at all. thankfull for any
    help /smile.gif' border='0' style='vertical-align:middle' alt='smile.gif' /> Lucas....
  5. Redirect Code Help
    (8)
    Can someone give me the code which redirects you automatically in the whole page instead of only in
    the frame? I'm using this code, but it just redirects inside a frame... CODE <meta
    HTTP-EQUIV="REFRESH" content="0; url=http://www.something.com"> But now
    .tk has added a ad to the pages so I don't want to use it anymore, so I want that people
    entering the site is being redirected to the "real" domain name now.......


      6. Looking for redirect, simple, sounds

Searching Video's for redirect, simple, sounds
advertisement



How To Redirect - Not as simple as it sounds



 

 

 

 

ADD REPLY / Got an Opinion! Remove these ADs! RAPID SEARCH! Free Web Hosting [X]
Express your Opinions, Thoughts or Contribute more info. to help others.
Ask your Doubts & Queries to get answers, So that "Together We can help others!" 		Register FREE for AD-FREE forum, Create your own topics, Ask Questions, track topics, setup subscriptions & notifications and Get a Free Website w/ Email and FTP.
500MB Space *No Ads*, CPanel, FTP, PHP, MySQL, EMails - 100% FREE