堆栈内存溢出
  简体   繁体   English

如何使用 .htaccess 访问一个文件:拒绝所有人

[英]How to access one file with .htaccess : deny from all

 原文  2014-09-21 10:26:17       php/ .htaccess/ redirect

问题描述

I created a login page and I want to redirect me to a file which have .htaccess: deny from all The folder structure我创建了一个登录页面,我想将我重定向到一个具有 .htaccess: deny from all 文件夹结构的文件

main folder
 |-include
   |-connect
   |-.htaccess( with deny from all)
   |-index.php
 |-admin.php
 |-authenticate.php

Now: admin.php have the login which redirects me to authenticate.php which I want to redirect me to index.php but the .htaccess denied me this ( I use it to deny users to access the files from the include folder via address bar )...现在:admin.php 有将我重定向到 authentication.php 的登录名,我想将我重定向到 index.php 但 .htaccess 拒绝了我这个(我用它来拒绝用户通过地址栏访问包含文件夹中的文件)...

In .htaccess I have the following lines of codes ?在 .htaccess 中,我有以下几行代码?

Order deny,allow
Deny from all


<Files ~ "..\authenticate.php$">
  Allow from all
</Files>

I think this is a very noob way to protect the data but I have no idea how to protect it other way... I found on google how to deny all files except one .我认为这是保护数据的一种非常菜鸟的方式,但我不知道如何以其他方式保护它......我在谷歌上找到了如何拒绝除一个之外的所有文件。 But the problem is that I want all files denied and to access them only when the login session is done and the user is authenticated...但问题是我希望所有文件都被拒绝,并且只有在登录会话完成并且用户通过身份验证后才能访问它们...

1 个解决方案

解决方案1
 0 已采纳  2014-09-21 12:04:17

whenever someone try to access your folder by url, your index file will run and show the result.每当有人尝试通过 url 访问您的文件夹时,您的索引文件就会运行并显示结果。 For authenticate a user to access folder, you check whether a user authenticated or not if not you will redirect back to authenticate.php and ask them to login.为了验证用户访问文件夹,您检查用户是否通过身份验证,如果没有,您将重定向回authenticate.php 并要求他们登录。

For the sake of code:为了代码:
| | - authenticate.php Form Submited. - 已提交authenticate.php 表单。
Valid user.有效用户。
Store session.存储会话。
Then Redirect to include/然后重定向到包含/
| | - include/index.php - 包括/index.php
check whether user validate and logged in with session check.检查用户是否通过会话检查验证并登录。

Here is some good stuff to learn handle logged in user with php这是一些学习使用php处理登录用户的好东西
http://phppot.com/php/php-login-script-with-session/ http://phppot.com/php/php-login-script-with-session/

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 .htaccess全面拒绝访问网站 - .htaccess deny from all stops access on website 我如何使用htaccess拒绝从URL直接访问服务器文件夹中的所有php文件和某些html文件? - How can i deny direct access from url to all php file and some html in my server folder using htaccess? htaccess对所有人的拒绝是多么安全 - How secure is htaccess deny from all .htaccess DENY FROM ALL帮助? - .htaccess DENY FROM ALL help? 如何拒绝用户访问,但从.htaccess启用php脚本 - how to deny access to user but enable to php script from .htaccess 如何拒绝访问文件 - How to deny access to a file 如何拒绝访问目录中的所有文件,但允许访问其他目录中的特定php文件呢? - How can I deny access to all files in directory but allow access from specific php file in other directory? 拒绝通过htaccess直接访问文件夹和文件 - deny direct access to a folder and file by htaccess 使用htaccess拒绝ajax文件访问 - Deny ajax file access using htaccess 拒绝访问 .htaccess 中的 .ini 文件是否安全? - Is it safe to deny access to .ini file in .htaccess?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM