i have installed mod_auth_mysql to protect apache folder:


php script to do:

create a table users with these fields:

user, password, access_until

1-user can access protected folder if user/pass from mysql is correct and if field access until(datetime field) value is not expired i mean if today is 20/10/2008 20:10:10 and for this user access_until field value is 20/14/2005 10:10:10 we don´t allow user access it doesn´t matter if user/pass were correct.

2-if user/pass/datetime is ok we redirect user to [url removed, login to view] in the protected folder,

apache server(no php script) has to force to redirect user to that page.

2- if user tries to get access has 3 times to enter user/pass if not valid apache (no php)redirects user to a php page([url removed, login to view]) in another folder .

3- create a table ip, we add ip values

4- when user tries to access to the protected folder with mod_auth_mysql if we detect that his ip is in our ip table of ips addresses we allow access to [url removed, login to view] without login(apache redirects user to [url removed, login to view]).

5-when allowed user is in [url removed, login to view] into protected folder we create a php session and a session var logged=true and is redirected to [url removed, login to view],

included into [url removed, login to view](for example require_once ("[url removed, login to view])) we check that php session exists and logged=true.

6-apache server has to check that user has valid php session while he is in the protected folder in [url removed, login to view],

use mod_rewrite or do it like you want but it has to be apache who controls that php session var logged=true,

if we detect from apache/php session var user has not a valid session var logged=true we redirect user to a php page([url removed, login to view]) in another folder if there's a valid session we don´t do anything.

Skills: PHP

See more: mod_auth_mysql php session, s controls, correct password, 4 tries, php mod_auth_mysql user, mod_auth_mysql check logged, mod_auth_mysql redirects, mysql mean, tries, detect php, php redirects, mean user, php page protect, apache server 2008, check table mysql script, datetime, 2008 server apache php mysql, mysql allow server access, redirect login, server redirects, server 2008 apache php, php session password, mysql add times, access create user folder, script expired php

About the Employer:
( 0 reviews ) barcelona, Spain

Project ID: #249318