SmokyHosts Support Forums - Webhosting and Webdesigning Support!

.htaccess is a good way to limit files and such but even the more advanced CMS's have html files which say "You are attempting to access a restricted area." Then the person has to go back to the main page manually. With the small php code with the header it would show the main page in that directory which isn't bad but instead would need to be redirected back to the home page. I don't mind using simple error pages to show someone cannot access a certain folder simply because only people who attempt to try will ever find it. It also allows to use files within a folder but not allow the folder from being directly accessed from the browser end. Either way you do it will work but if someone finds a way to bypass your .htaccess file then it's completely pointless. That is why it's better to have multiple ways to protect your folders than just relying on one. Since html files are accessed before any other server file you can even put up a html welcome page then have it directed to your index.php folder.

It is good that we've shared our ideas and helped Flipper into writing his first how-to let's keep trying to come up with more ways to secure our websites to share them with those who have no clue.

I agree totally with you. We should use several methods of protecting not just one. However, I do find the .htaccess files to be the safest way.

@Tails5......PM me with an example of your .htaccess file and that will allow me to include that in my next How-To. Like common mistakes, and also how to fix that. I need ideas for my next how-to and that's a good way to go.

I got a couple ideas for a how-to. MySql query in php lol. That's one of many, shouldn't be too difficult to explain in a way that even I could understand.

P.S. I figured out how to do it, just don't know exactly how to set the databases up to do everything I am wanting.

If you PM me with specifics I can help you. And I did make a 'Reload this Page Using PHP to control MySQL Databases ' How-To some time ago, it's link is http://smokyhosts.com/forums/showthread.php?t=4781 hope it helps.

That made it relatively easy to understand. Now if I could understand how to set it so that when a member logs in they will be automatically selected for a certain squad site which they are part of. I'll eventually get the hang of it, maybe lol.

But yeah thanks for the link it should help me understand mysql better and I will run a couple test pages to get the hang of it better. Thanks

Well if you just store the squad site with their login information, then when you retreive the information you could do something like[php]
header("Location: http://www.crymsonlegends.com/airsoft/$result['squadsite']/")[/php] Or whatever the site URI is .

By the way, just as a point of interest, URL and URI are both valid, URI is Uniform Resource Identifier, URL is Uniform Resource Locator, which usually refers to a shortcut to the internet

Tails5 wrote:Well if you just store the squad site with their login information, then when you retreive the information you could do something like[php]
header("Location: http://www.crymsonlegends.com/airsoft/$result['squadsite']/")[/php] Or whatever the site URI is .

By the way, just as a point of interest, URL and URI are both valid, URI is Uniform Resource Identifier, URL is Uniform Resource Locator, which usually refers to a shortcut to the internet

Ummm...the problem with that code is that you didn't check for errors or any of that; which is pretty much necessary everywhere. Plus, the squadsites may be based around a different concept; one of which I still need to discuss with TheCryms about.

Why? They could select their squad site from a drop down list. Then you dont need to check it for errors.

Tails5 wrote:Why? They could select their squad site from a drop down list. Then you dont need to check it for errors.

Wrong. People can edit the HTML; save the file on their computer and then go to the link from there. Or they could just flat-out type the link into the address bar.

Then thats their fault if they got to an incorrect site!