Re: [Phpgacl-general] protecting 'non-owned' pages/apps with phpgacl?
Brought to you by:
ipso
Menu
▾
▴
Re: [Phpgacl-general] protecting 'non-owned' pages/apps with phpgacl?
|
From: OpenMacNews <ope...@gm...> - 2006-01-03 20:38:33
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 hi all, >>> If you really want to do it, I suggest just using a global include file, >>> unless you want more fine grained permissions, which you will need to >>> modify almost every page in the 3rd party app. i'm still thinking about phpgacl 'control' of non-php dirs & files ... in principle, it should be possible to access phpgacl's auth data via direct sql query in an .htaccess-based auth management script, no? if true, then 'weaker' dirs/file -- those not directly controlled by phpgacl invocation in php souece code -- could be protected by placing a .htaccess file in the 'top' dir of interest, wherein an sql query to phpgacl (or session vars?) would determine access or not ... i think this would (a) provide complete phpgacl control of access -- albeit not as fine-grained as a 'pure' implementation, and (b) would NOT use the typical .htaccess-drive popup login window. viable, or am i barking up the wrong tree here? cheers, richard /"\ \ / ASCII Ribbon Campaign X against HTML email, vCards / \ & micro$oft attachments [GPG] OpenMacNews at gmail dot com fingerprint: 50C9 1C46 2F8F DE42 2EDB D460 95F7 DDBD 3671 08C6 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (Darwin) iEYEAREDAAYFAkO64HwACgkQlffdvTZxCMYnIgCeOsizTjOAnrXcckP84KDf0T6/ EIYAnjMa499yFv4Wa8g5w2jiCM5F4OUz =Pn5e -----END PGP SIGNATURE----- |
