[epic1231]

hey all is there a way to put non cgi files in a cgi-bin directory - i know this sounds stupid but this login/registration script i have only seems to protect files that are in cgi-bin/foldername/protectedfolder/ and the files i need to protect are actually a download database which is written in php.. Although i can't seem to call the files when i have them in the cgi-bin even with chmod the permissions to 755 and leaving them all at what they were upon upload..

Is this possible?

Thanks,
Bill

[fusian]

Quote:

Originally Posted by epic1231

hey all is there a way to put non cgi files in a cgi-bin directory - i know this sounds stupid but this login/registration script i have only seems to protect files that are in cgi-bin/foldername/protectedfolder/ and the files i need to protect are actually a download database which is written in php.. Although i can't seem to call the files when i have them in the cgi-bin even with chmod the permissions to 755 and leaving them all at what they were upon upload..

Is this possible?

Thanks,
Bill

This isn't possible to my knowledge, the cgi-bin allows execution on the back end of the server for stuff like C++ and Perl applications which need access to the server itself.

It may be more productive and easier to modify the script you are using to protect the files, have you tried applying a very basic knowledge of programming in trying to find where the path variable/constant is in the protection script so that you can change it to another directory?

[epic1231]

well i've tried to change the path to outside of the cgi-bin to the folder /files/ but unforunilty it then does not seem to protect the script

beyond that my knowledge is slim.. What happens is after a user is logged in they are brought to a members page which is fine - on that page i was adding a link to the files in which they would have access to - the link in the cgi is /cgi-bin/quickregister/scripts/redirect.cgi?redirect=demo

which works or i can change demo to site and have it redirect to anywhere inside the public_html but if it is out of the cgi-bin it doesn't seem to protect that area (meaning i can bookmark it or file the url and return to it without having to login again which i do not want)

I'm using SQL Quickregister script it's a free script seems great and has all the functions i'm looking for but no support listed on the site - if you can think of anyway of protecting let me know i'm going to drop the author's an email to see if they can further help me out

[fusian]

Quote:

Originally Posted by epic1231

well i've tried to change the path to outside of the cgi-bin to the folder /files/ but unforunilty it then does not seem to protect the script

beyond that my knowledge is slim.. What happens is after a user is logged in they are brought to a members page which is fine - on that page i was adding a link to the files in which they would have access to - the link in the cgi is /cgi-bin/quickregister/scripts/redirect.cgi?redirect=demo

which works or i can change demo to site and have it redirect to anywhere inside the public_html but if it is out of the cgi-bin it doesn't seem to protect that area (meaning i can bookmark it or file the url and return to it without having to login again which i do not want)

I'm using SQL Quickregister script it's a free script seems great and has all the functions i'm looking for but no support listed on the site - if you can think of anyway of protecting let me know i'm going to drop the author's an email to see if they can further help me out

Hmm, if that doesn't work then it will probably be that the design of the program will require it to be like that.

Have you thought of any other method of protection like using a user database and on login setting a cookie or session and then having on each protected page a header include which checks to make sure they are logged in correctly and have the right privelidges etc.?

[epic1231]

i tried to look into scripts as such but unforunitly i'm not very good with php just getting used to it and couldn't figure most of them type of login scripts out.. With each one i have done i'm changing my layout kinda (running a gaming network trying to setup so users can read reviews and whatnot but need to register before downloading files such as games/patchs demos trailers etc.etc.

[fusian]

Quote:

Originally Posted by epic1231

i tried to look into scripts as such but unforunitly i'm not very good with php just getting used to it and couldn't figure most of them type of login scripts out.. With each one i have done i'm changing my layout kinda (running a gaming network trying to setup so users can read reviews and whatnot but need to register before downloading files such as games/patchs demos trailers etc.etc.

Sounds good.

What I'd tend to recomend is don't go for fancyness, all you need is a very very basic script that you may be able to start understanding even with very little PHP knowledge.

Reading other peoples PHP is the best way to learn. It's how I learnt, you will get a lot of satisfaction learning PHP, it's a great language.

Once you've found a login checking script - really you should only need to include it in each protected page, which you do using:

PHP Code:

include("/path"); 

It's that simple, just setting up takes a little time, but if a job is worth doing it's worth doing right! & learning new skillz is fun!

[epic1231]

is that all it is? see i couldn't figure out all the sessions and cookies so i gave up

Ok well with this script until i can do some more reading up like you said i came up with a temp fix - to access the download section they must be logged in anyways.. So what i did was removed the redirect script from there and added a javascript download popup that comes up when you click on the download with no frames no borders nothing but the page.. That way the users can bookmark i don't think the download page nor see what page it is when i install the block view source code..

Temp fix but i guess it works

Thanks for your help i do appreciate it - have a wonderful new years

[fusian]

Quote:

Originally Posted by epic1231

is that all it is? see i couldn't figure out all the sessions and cookies so i gave up

Ok well with this script until i can do some more reading up like you said i came up with a temp fix - to access the download section they must be logged in anyways.. So what i did was removed the redirect script from there and added a javascript download popup that comes up when you click on the download with no frames no borders nothing but the page.. That way the users can bookmark i don't think the download page nor see what page it is when i install the block view source code..

Temp fix but i guess it works

Thanks for your help i do appreciate it - have a wonderful new years

Will do, don't forget to check my site, http://www.efusian.co.uk and let me know what you think

Temp fixes are all over the place mate, called hacking I've put some ancient hacks into my sites before just to get the things working to some level, often simplicity is the key - even complex fancy features tend to have simple code

Initiative is the key to the internet, you need to be able to overcome problems even if only temp basis to be a good programmer.

Happy new year!