Hey all,

Here's my problem: php/mysql noob here.

I have an admin section on the website, and I have successfully password protected all the php pages in that directory using sessions. I have included code like this on the top of each of my pages:

<?php
include('login.php');

if (checkLogin() != True) {
         displayLogin();
} else {
?>
<!--html here -->
<?php 
}
?>

I have two users right now, myself and my friend.

The main function of the admin page was to be able to upload large video files to the server, and have the other one download them. My problem is is that even if domain.com/admin/index.php is password protected, domain.com/admin/videos/myvideo.mov is still a direct link to the file and not password protected.

I have searched around the web and I've seen alot of "use htacess/htpswd" but there's gotta be a way to do this with the existing user table I have set up in my database! Right?

Anyway, I don't need the full code, I would just like some nudges in the right direction, some links etc.

On the other hand, examples are welcome too!

Thanks in advance!

Durrr... Thanks for the snippet, I'll try and implement, and post back when I'm done.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.