I've been looking for a small program/script to run on Apache that can manage user access to several folders on my website. The issue is that it's not one block of content that will require "member" status but several different folders. User 1 may have access to folder A, but not B and user 2 maybe both folders or only B.
Looking for a program that makes it easy to manage these issues for a few hundred users. It doesn't require strong passwords, just confirmation of e-mail address once. Preferably in PHP.
Take a look at Zend_Acl and this:
PHP login class
Found what I was looking for here. Have not installed yet, but documentation is good and interface looks fine.
Related
So I have designed a PHP application that uses an oAuth2 API integration to create a unique interface for a CRM. App is working great on my server, and am ready to offer it to my clients.
My initial idea for expanding this was to create a unique subdomain for each of them on my server, create a new database, and install my application onto that subdomain. My application only has one hard-coded file with the database login details, the rest is stored on a database.
The problem I see with this is it is inefficient. I am essentially going be putting in the same files in many directories, which doesn't make a whole lot of sense. Plus updating it would be annoying.
Since everything is being hosted by me, it was suggested that I create a core folder with all of the files. Then I could use a loader script to read the database settings, and then use relative paths to access the core folder.
My issue is how would this work? Suppose my core domain is https://core.mydomain.com and my customer url is https://cus.mydomain.com. Customer logins through their url. Now a customer wants to access https://cus.mydomain.com/person.php. How would I make that work, considering that file is not located there (since it is in the core folder)? Would this require using custom htaccess?
If my current idea is wrong, what approach would you suggest? I am not married to this approach, and am looking for an efficient way of updating and managing the app. Thank you!
Use a symbolic link?
https://en.wikipedia.org/wiki/Ln_(Unix)
You can create a folder with all your static files in /var/www/core/ and create a symbolic link in each customers folder.
ln -s /var/www/core /var/www/customer001/core/
this way all modifications in /var/www/core/ will be available to all customers
We have several webapps based in Wordpress and Codeigniter, which are based on different servers but under the same domain (ie: intranet.something.local) and most of them use Active Directory login credentials.
For Wordpress, I'm using a plugin called Active Directory Integration to log in with these credentials and it's working perfectly after configuring openLDAP.
The thing is, our client asked us to have a single log on for every app, meaning that once I'm logged into Wordpress, I should be logged in when I go to another app, that uses the same login user and password.
Is there a possible way to do this? And if so, where should I start?
I believe, that is possible in multiple ways..
Setup Single Sign On in your apps
Use a script which automatically copies User data from a web app,
and then using that information creates user login to the other
apps..Idea is to let user register for one site, and based on that information, register him to other sites automatically
May be, some sort of Database sharing be possible, but that would be
really really a tough job, still Possible (I believe, in Computer
Science, nothing is impossible forever)
create a common cookie file and when user switches the app, use that
cookies to get the user login in between different apps
I'm in need of a solution to allow clients access to physical folders.
My first intention was to manually control this by using a .htpasswd file, but I was curious if any of you have come across a solution that already exists.
Something that would allow an admin to create users with passwords, and create physical folders for those users.
We have an application that stores paths in relation to users. So by default all paths are blocked. But we grant each user access to a path in our table. Then when a page is accessed we check to see if there is a record in our database for a user to have access to that particular page/path.
In coldfusion this can be done in the onRequest method before any page processing is done. You could do it on the page itself I guess. Are you looking for a plugin or just a way to do it?
I am using php/mysql on linux servers. I want to create a user sub domain for each user upon sign up. For instance, john doe --> johndoe.example.com
The issue is, we are going to allow customizations such as adding custom features for clients wanting customizations. So, is it better we automate the process or manually create sub domains for clients requiring customizations and let other users just use basic login?
And how can i automate the process if need be?
Instead of creating subdomains, have a wildcard subdomain which is mapped into one folder and with PHP figure out which user's data you want to show.
If you are using a cPanel hosting, creating a wildcard subdomain should be pretty easy and wont require any manual adjustment to the httpd.conf file. Otherwise whenever you will add individual subdomains Apache will be restarted in the background, which is not at all good.
I rephrased my answer for clearer understanding.
Whenever we use chmod, we set different authorities to different users types like
owner, group, others, all
What I dont know is, how do define who is owner, who is group and who are others.
Can we use this while implementing login system? What I mean is, by verifying a username, I want to define if the logged in user is owner, a group or others so that I can deny access to file or folder.
May be my title does not reflect the question, if someone with rep power finds a better title, please edit it?
Are you trying to use file system permissions to allow or deny access to the files served by php, or to php scripts themselves?
This is not possible. There is always one and only one user who runs apache and php. What that user is called depends on your system: it could be called "apache" or "www" or even "nobody".
When you implement a login system to your website, you are not dealing with this. When you implement a login system, you are doing nothing more than associating a token to the current session. Then according to the token you can change the normal course of the php script (allowing or denying access, display one or another data template, etc...). But, for the operating system, there is absolutely no difference.
You should take a look at some php tutorials about authentication. If you don't want to implement one yourself, this is a viable solution:
http://framework.zend.com/manual/en/zend.auth.introduction.html