Re: Coding .htaccess
but how can people find the forum except through your site?
You are not logged in. Please login or register.
PunBB Forums → PunBB 1.2 discussion → Coding .htaccess
but how can people find the forum except through your site?
Isn't it eaiser just to have .htaccess/.htpasswd combination?
but how can people find the forum except through your site?
Because I don't want anybody to find the forum if they don't come through my website first.
You've just pointed the goal
Isn't it eaiser just to have .htaccess/.htpasswd combination?
If we find how to turn around the "Meta Refresh" problem, no it's not.
Just because there is already one group login/password for the website, there will be one file user/password for the forum, and there would be another group-or-user/password file...
If I could -easily- do one file for all, why not, but it might be not very simple as both website an forum are "php-automatic" made (don't remember the name...)
no i mean how can anyone find the forum without knowing the URL to it?
Because the URL is on the website (...and works fine).
And if they are invited to the website, that means they are allowed to go to the forum (thru the link placed on the website).
If the site is invitation only, why not have a front page that requires a log in? Then have punbb and your other site's login elements cookie based, and when a specific user logs in, it automatically sends the proper cookies.
Limerick, if the URL to the forum is only on the site then how are people who don't go on the site going to be able to find the forum?
Limerick, if the URL to the forum is only on the site then how are people who don't go on the site going to be able to find the forum?
Ok, I may be a little paranoïd, LOL, but if you type www.mywebsite.com/forum/index.php or more directly, www.mywebsite.com/forum/register.com, you access to the register page which allows you to register then acces to the forum.
You will tell me that people must know how is organized the website/forum. You're right. What I wanted to do was just a - little bit more - secure access.
But it seems to be much more harder then I thought...
If the site is invitation only, why not have a front page that requires a log in? Then have punbb and your other site's login elements cookie based, and when a specific user logs in, it automatically sends the proper cookies.
Yes, this is a nice idea, but as I told you, the website is make dynamicaly, has its own login page (which I wish to keep the look, but I don't know how works the login stuff), and I don't know anything about coding...
But, logging once to the website and to the forum at the same time would be great, but might be more difficult then just ingrate a referer inside the "Meta Refresh"... for who knows how coding a .htaccess
IT IS IMPOSSIBLE TO ADD REFERRER DETAILS TO .HTACCESS
sorry i just need to get my point accross here
IT IS IMPOSSIBLE TO ADD REFERRER DETAILS TO .HTACCESS
sorry i just need to get my point accross here
No problem Connorhd
I did simply not read you saying that before.
But, I don't know if the following deals with your quoted sentence above, but I confirm that the .htaccess below works fine, except for the "Meta Refresh".
SetEnvIfNoCase Referer "^http://www.mywebsite.com/" local_ref=1
Order deny,allow
deny from all
allow from env=local_ref
Anyway, thanks for your kind help, and I think that now, you understand what I was wanted to do...
Lim.
no i mean how can anyone find the forum without knowing the URL to it?
I think thats exactly the point. He wants to have a site that is invitation only, including the forums. He dosen't want it open to the world, only to the members he wants. Sort of a members only.
Connorhd wrote:no i mean how can anyone find the forum without knowing the URL to it?
I think thats exactly the point. He wants to have a site that is invitation only, including the forums. He dosen't want it open to the world, only to the members he wants. Sort of a members only.
You're right zc923. I thing Connorhd caught this point at the previous post
Is it difficult to create a two-places access system, but keeping my login page form ? (There's a login and password windows).
Wait, dosen't the user managment settings in 1.2 solve this problem? At least with the forums?
I have done something like this before. All I did was a make a main index that went in my root folder, and a .htaccess/.htpasswd protected folder with all the rest of my protected stuff. Sure, multiple logins, but there are ways around it.
I'm not sure to understand exactly what you mean...
You mean that version 1.2 (which I use) allows to take .htaccess/.htpassword originally used by my website ?
But the .htaccess/.htpassword used by DAlbum is not on the root folder...
No. If you look in the administrator rights in your instilation of Punbb, you can set that guests cannot see the forum, they can only login or register.
It's incredible the lot of people who don't want to show their stuff on the web but ask very annoying questions ...
To help YOU, WE HAVE TO see your work ... unless you have something to hide ?
I just figured he lucked into a really cool domain name -- http://mywebsite.com/ .
No. If you look in the administrator rights in your instilation of Punbb, you can set that guests cannot see the forum, they can only login or register.
Yes, but I don't want anybody to be able to register if they don't come directly from my website.
So this option is not exactly what I want.
It's why I wanted to change the .htaccess, which seems to be impossible, Connorhd says
ok lets forget .htaccess its a bad idea, does your current site set a cookie?
What about putting register.php in a directory called /private/ and then password-protect that directory with .htpasswd. The only way people could register for the forum would be if they have the correct username/password.
simple solution is to set a session or even better a cookie on the homepage then make punbb check for it, if you do it with a cookie then they will only have to visit the main site once which would probably be less annoyiing for your users
simple solution is to set a session or even better a cookie on the homepage then make punbb check for it, if you do it with a cookie then they will only have to visit the main site once which would probably be less annoyiing for your users
Yes DAlbum set a session cookie
Access control modes
DAlbum can authenticate users in two modes: session mode and Basic HTTP Authentication.Session mode (default) is used when $g_bHTTPAuth is set to false in config.php. In this case users are authenticated by using a custom logon page, which will set a session cookie to authenticate a user. The good thing is that session mode works on any web-server and any PHP configuration (CGI or Apache module), and there is a nice "Log out" button. However, this mode is slower than "Basic HTTP Authentication" and does not work with browser cookies disabled.
But I don't know exactly how it works.
And does this cookie can check for each page from the forum I want ?
just add a little check for the DAlbum session cookie at the beginning of PunBBs common.php
just add a little check for the DAlbum session cookie at the beginning of PunBBs common.php
Yes.... well, well, well
I'll try to find how to do it...
And by the way, with this check, people won't be able to register if they don't have this DAlbum's cookie ?
people won't be able to access the forum at all without the cookie
This punBB post on user registration lists a few tutorials on php sessions. When in doubt, it's always a good idea to check out the php.net manual.
PunBB Forums → PunBB 1.2 discussion → Coding .htaccess
Powered by PunBB, supported by Informer Technologies, Inc.