Re: Coding .htaccess
but how can people find the forum except through your site?
Re: Coding .htaccess
Isn't it eaiser just to have .htaccess/.htpasswd combination?
Do, or do not.
28 2005-01-24 22:28 (edited by Limerick 2005-01-24 22:30)
Re: Coding .htaccess
Connorhd wrote:
but how can people find the forum except through your site?
Because I don't want anybody to find the forum if they don't come through my website first.
You've just pointed the goal 
zc923 wrote:
Isn't it eaiser just to have .htaccess/.htpasswd combination?
If we find how to turn around the "Meta Refresh" problem, no it's not.
Just because there is already one group login/password for the website, there will be one file user/password for the forum, and there would be another group-or-user/password file...
If I could -easily- do one file for all, why not, but it might be not very simple as both website an forum are "php-automatic" made (don't remember the name...)
- Connorhd
- Former PunBB Developer
- Offline
Re: Coding .htaccess
no i mean how can anyone find the forum without knowing the URL to it?
30 2005-01-24 22:33 (edited by Limerick 2005-01-24 22:35)
Re: Coding .htaccess
Because the URL is on the website (...and works fine).
And if they are invited to the website, that means they are allowed to go to the forum (thru the link placed on the website).
Re: Coding .htaccess
If the site is invitation only, why not have a front page that requires a log in? Then have punbb and your other site's login elements cookie based, and when a specific user logs in, it automatically sends the proper cookies.
Do, or do not.
- Connorhd
- Former PunBB Developer
- Offline
Re: Coding .htaccess
Limerick, if the URL to the forum is only on the site then how are people who don't go on the site going to be able to find the forum?
Re: Coding .htaccess
Connorhd wrote:
Limerick, if the URL to the forum is only on the site then how are people who don't go on the site going to be able to find the forum?
Ok, I may be a little paranoïd, LOL, but if you type www.mywebsite.com/forum/index.php or more directly, www.mywebsite.com/forum/register.com, you access to the register page which allows you to register then acces to the forum.
You will tell me that people must know how is organized the website/forum. You're right. What I wanted to do was just a - little bit more - secure access.
But it seems to be much more harder then I thought...
zc923 wrote:
If the site is invitation only, why not have a front page that requires a log in? Then have punbb and your other site's login elements cookie based, and when a specific user logs in, it automatically sends the proper cookies.
Yes, this is a nice idea, but as I told you, the website is make dynamicaly, has its own login page (which I wish to keep the look, but I don't know how works the login stuff), and I don't know anything about coding... 
But, logging once to the website and to the forum at the same time would be great, but might be more difficult then just ingrate a referer inside the "Meta Refresh"... for who knows how coding a .htaccess 
- Connorhd
- Former PunBB Developer
- Offline
Re: Coding .htaccess
IT IS IMPOSSIBLE TO ADD REFERRER DETAILS TO .HTACCESS
sorry i just need to get my point accross here
Re: Coding .htaccess
Connorhd wrote:
IT IS IMPOSSIBLE TO ADD REFERRER DETAILS TO .HTACCESS
sorry i just need to get my point accross here
No problem Connorhd 
I did simply not read you saying that before.
But, I don't know if the following deals with your quoted sentence above, but I confirm that the .htaccess below works fine, except for the "Meta Refresh".
SetEnvIfNoCase Referer "^http://www.mywebsite.com/" local_ref=1
Order deny,allow
deny from all
allow from env=local_refAnyway, thanks for your kind help, and I think that now, you understand what I was wanted to do...
Lim.
Re: Coding .htaccess
Connorhd wrote:
no i mean how can anyone find the forum without knowing the URL to it?
I think thats exactly the point. He wants to have a site that is invitation only, including the forums. He dosen't want it open to the world, only to the members he wants. Sort of a members only.
Do, or do not.
37 2005-01-25 22:10 (edited by Limerick 2005-01-25 22:12)
Re: Coding .htaccess
zc923 wrote:
Connorhd wrote:no i mean how can anyone find the forum without knowing the URL to it?
I think thats exactly the point. He wants to have a site that is invitation only, including the forums. He dosen't want it open to the world, only to the members he wants. Sort of a members only.
You're right zc923. I thing Connorhd caught this point at the previous post
Is it difficult to create a two-places access system, but keeping my login page form ? (There's a login and password windows).
Re: Coding .htaccess
Wait, dosen't the user managment settings in 1.2 solve this problem? At least with the forums?
I have done something like this before. All I did was a make a main index that went in my root folder, and a .htaccess/.htpasswd protected folder with all the rest of my protected stuff. Sure, multiple logins, but there are ways around it.
Do, or do not.
Re: Coding .htaccess
I'm not sure to understand exactly what you mean...
You mean that version 1.2 (which I use) allows to take .htaccess/.htpassword originally used by my website ?
But the .htaccess/.htpassword used by DAlbum is not on the root folder...
Re: Coding .htaccess
No. If you look in the administrator rights in your instilation of Punbb, you can set that guests cannot see the forum, they can only login or register.
Do, or do not.
Re: Coding .htaccess
Rod wrote:
It's incredible the lot of people who don't want to show their stuff on the web but ask very annoying questions ...
To help YOU, WE HAVE TO see your work ... unless you have something to hide ?
I just figured he lucked into a really cool domain name -- http://mywebsite.com/ .
Dean
One of these days, I'm going to upgrade my forum.
D9r.com - homepage
Tucker & DeKalb County, Georgia -- news, events, zoning, politics, directory
HiveMinds.info - International Web Developer Forum (lots of smart folks here)
One of these days, I'm going to upgrade my forum.
D9r.com - homepage
Tucker & DeKalb County, Georgia -- news, events, zoning, politics, directory
HiveMinds.info - International Web Developer Forum (lots of smart folks here)
Re: Coding .htaccess
zc923 wrote:
No. If you look in the administrator rights in your instilation of Punbb, you can set that guests cannot see the forum, they can only login or register.
Yes, but I don't want anybody to be able to register if they don't come directly from my website.
So this option is not exactly what I want.
It's why I wanted to change the .htaccess, which seems to be impossible, Connorhd says 
- Connorhd
- Former PunBB Developer
- Offline
Re: Coding .htaccess
ok lets forget .htaccess its a bad idea, does your current site set a cookie?
Re: Coding .htaccess
What about putting register.php in a directory called /private/ and then password-protect that directory with .htpasswd. The only way people could register for the forum would be if they have the correct username/password.
Dean
One of these days, I'm going to upgrade my forum.
D9r.com - homepage
Tucker & DeKalb County, Georgia -- news, events, zoning, politics, directory
HiveMinds.info - International Web Developer Forum (lots of smart folks here)
One of these days, I'm going to upgrade my forum.
D9r.com - homepage
Tucker & DeKalb County, Georgia -- news, events, zoning, politics, directory
HiveMinds.info - International Web Developer Forum (lots of smart folks here)
- Connorhd
- Former PunBB Developer
- Offline
Re: Coding .htaccess
simple solution is to set a session or even better a cookie on the homepage then make punbb check for it, if you do it with a cookie then they will only have to visit the main site once which would probably be less annoyiing for your users
Re: Coding .htaccess
Connorhd wrote:
simple solution is to set a session or even better a cookie on the homepage then make punbb check for it, if you do it with a cookie then they will only have to visit the main site once which would probably be less annoyiing for your users
Yes DAlbum set a session cookie
Access control modes
DAlbum can authenticate users in two modes: session mode and Basic HTTP Authentication.Session mode (default) is used when $g_bHTTPAuth is set to false in config.php. In this case users are authenticated by using a custom logon page, which will set a session cookie to authenticate a user. The good thing is that session mode works on any web-server and any PHP configuration (CGI or Apache module), and there is a nice "Log out" button. However, this mode is slower than "Basic HTTP Authentication" and does not work with browser cookies disabled.
But I don't know exactly how it works.
And does this cookie can check for each page from the forum I want ?
- Connorhd
- Former PunBB Developer
- Offline
Re: Coding .htaccess
just add a little check for the DAlbum session cookie at the beginning of PunBBs common.php
Re: Coding .htaccess
Connorhd wrote:
just add a little check for the DAlbum session cookie at the beginning of PunBBs common.php
Yes.... well, well, well
I'll try to find how to do it...
And by the way, with this check, people won't be able to register if they don't have this DAlbum's cookie ?
- Connorhd
- Former PunBB Developer
- Offline
Re: Coding .htaccess
people won't be able to access the forum at all without the cookie
Re: Coding .htaccess
This punBB post on user registration lists a few tutorials on php sessions. When in doubt, it's always a good idea to check out the php.net manual.
Dean
One of these days, I'm going to upgrade my forum.
D9r.com - homepage
Tucker & DeKalb County, Georgia -- news, events, zoning, politics, directory
HiveMinds.info - International Web Developer Forum (lots of smart folks here)
One of these days, I'm going to upgrade my forum.
D9r.com - homepage
Tucker & DeKalb County, Georgia -- news, events, zoning, politics, directory
HiveMinds.info - International Web Developer Forum (lots of smart folks here)