How to use htaccess to point to a different directory?

PHP and htaccess question

I use .htaccess files to allow users access to files in certain directories based on their IP addresses/ranges. They are linked to these file from a page (not within the htaccess protected directory) generated in PHP. Is there a way to display a variable on this PHP page based on whether or not the user will be allowed access into .htaccess protected directories? Ideally, if their IP address or range (CIDR) is in the htaccess file, they will be able to clink on the link and view the restricted files without any problems. If they don't have access, a link saying "Need to purchase this file?" will appear to the user. Is this possible? I tried to google this but I am coming up short. Perhaps I am not using the best search criteria. Is there possibly a certain term for what I'm trying to do? Are there any other similar solutions that would achieve the same result but I'm not aware of? A normal username/login system wouldn't work because some of the users come from institutions (Universities, libraries) where it is just much more easier to grant access via IP addresses.
Answer:

Yes, but you don't want to do that, you would have to write an htaccess file parser. Instead, vave your htaccess files generated from a database, then check an ip against that database from php.

chillmost at Ask.Metafilter.Com Visit the source

Was this solution helpful to you?

Other answers

As devnull said, it's much easier to write the htaccess file with PHP than to read it with PHP. But if you aren't changing the IP range very often, it may be easiest to just edit both files manually. To test a visitor against an IP range in PHP, you could do something like this: $start_ip = '10.92.1.4'; $end_ip = '10.92.29.4'; $visitor_ip = $_SERVER['REMOTE_ADDR']; $visitor_can_access = ( ( ip2long( $visitor_ip ) >= ip2long( $start_ip ) ) && ( ip2long( $visitor_ip ) <= ip2long( $end_ip ) ) ) ? true : false;

scottreynen

Hmm, yeah something in the back of my mind said the ips in a database would probably be the logical solution. Would it be possible to somehow check and see what the HTTP response status codes for the visitor's IP address would be? Then display link if the code is 401?

chillmost

Check out the "http://httpd.apache.org/docs/2.0/mod/core.html" directive. This way, if somebody who has access sends the url to somebody who doesn't (which means they'll never get to your preliminary php document), you can use the ErrorDocument to show a "buy it here" html page. After that, you can reuse that effect by simply linking to the document form your php script and depend on the ErrorDocument directive to do the right thing.

DreamerFi

Check out the "ErrorDocument" directive. In particular, you'd want the 401 error (not 403... just sayin' because I mix them up sometimes). Yes, but you don't want to do that, you would have to write an htaccess file parser. I'm going to buck idea this a bit. Database setup, maintenance, and communication might well be as much overhead as writing a script to read info from htaccess files. Especially if (a) where what you need to read from the htaccess file is a well-defined and small subset of all possible directives (and I think allow/deny stuff qualifies) and (b) you're conversant with regular expressions. It sounds like you essentially need to search a given htaccess file to see if it has something like "Allow from " somewhere in it. You could http://us2.php.net/manual/en/function.file-get-contents.php, and use http://us2.php.net/preg_match (or even http://us2.php.net/manual/en/function.strpos.php if the file's set up a particular way) to search for the IP address and allow directive, and if you get a successful match, you show one thing, if not, another. There might be other reasons you'd want to migrate the info into a database, but I don't think simplifying this task is a particularly compelling one.

weston

something like "Allow from " should've been "Allow from <user ip here>"

weston

Thanks for the tips and ideas. We already use the ErrorDocument directive to redirect unauthorized users to a page with more information, but we also wanted to put a link on the first page that only non-subscribers would see. Also Safari will not redirect to a php page if it is done using ErrorDocument 401. Or maybe it does but I am doing something wrong, but it works fine in any other browser. That's another problem for another question. I have a feeling that I may actually migrate the info into a database because it would allow us to do some other things as well. But that is a whole other can of worms that I may have to shop out to real programmers.

chillmost

Related Q & A:

How to remove extension and force trailing slash with .htaccess?Best solution by Stack Overflow
How do i create virtual subdomain using htaccess?Best solution by Stack Overflow
How to I redirect URLS with special characters in htaccess?Best solution by Server Fault
How to store data in php and get data from php?Best solution by Stack Overflow
How to Rewrite URL in htaccess with php?Best solution by Stack Overflow

Just Added Q & A:

How many active mobile subscribers are there in China?Best solution by Quora
How to find the right vacation?Best solution by bookit.com
How To Make Your Own Primer?Best solution by thekrazycouponlady.com
How do you get the domain & range?Best solution by ChaCha
How do you open pop up blockers?Best solution by Yahoo! Answers

For every problem there is a solution! Proved by Solucija.

Got an issue and looking for advice?
Ask Solucija to search every corner of the Web for help.
Get workable solutions and helpful tips in a moment.

Just ask Solucija about an issue you face and immediately get a list of ready solutions, answers and tips from other Internet users. We always provide the most suitable and complete answer to your question at the top, along with a few good alternatives below.