Reputation: 2211
codeigniter controlled access to a url/folder
I am stuck at the situation where I want the url, which contains a folder having some files (html, swf etc.), to be accessible after I validate the user.
For example.
The url to access is:
And this above url is accessible from the link,
I have implemented a way to hide the URL A from a normal user but if the user somehow is a semi-techie person then he can know the swf file location from firebug or other tools. So, to make the access-to-file secure what should I do?
If a user somehow knows the first url(A) and then enters it in browser, i have to check if the user is logged-in and if validation is done it lets the url A to be loaded.
Since, in CI, the controller names cannot be named same as the folders in the root directory, in this case i cannot have a controller called “files”. So, the only option left to make this secure access to url work is to use htaccess rule/cond. If this is the only option, then how can it be achieved by htaccess and if not, then what other options do i have.
Will the codeigniter's URI Routes work because when i tried like this:
$route[‘files/version/1/(:any)’] = “view/$1”;
and it doesnt work, maybe because there is no controller/function/param as files/versions/1 ...
looking for quick help. Thanks
Upvotes: 0
Views: 1016
Answers (1)
Reputation: 1852
There isn't a sure-fire way to do it without, for example, using .htpasswd.
One thing you could implement is sort of "Security by Obscurity". In that case you could redirect all requests to a file to the URL http://mysite.com/view/file-id and then instead of loading the requested file directly, you would load a .php template with the appropriate headers - be it an image, a flash file or anything else.
But it really depends on how the files are going to be managed, since every file will need an entry in the database and you would have to output different headers for different types of files. And if someone still manages to guess the path to the file, it will be directly accessible.
Upvotes: 2
Related Questions
- How to restrict access to files in a folder in codeigniter
- Codeigniter : Protect folder from direct access
- How to prevent direct access to the files with CodeIgniter
- Allow access to a specific php file in CI root
- allow access to certain php files in codeigniter
- Codeigniter .htaccess: Give public access to all files but not the folder
- Restrict browser access to directory files
- htaccess and codeigniter, make a folder accessible
- prevent directory access
- how do i get to restrict access to my folders