[RESOLVED] Help with index.php page

BigJohn

I have a web site that is password protected using GoDaddy’s password protection. On my index.php file, I have a counter as well a PHP script that logs the users name into a log file with the date and time. It all works very well except a user can type into his browser the domain name followed by a slash and a specific file name they want to see and then login and go right to their desired page without opening my index.php page. Consequently, the counter and my log file are not accurate since some users are by-passing the index.php page.

I’ve been scratching my head all day trying to figure out in my mind a solution to this problem. Can someone nudge my old gray matter in the right direction?

dagon

move he files outside of the web dir, and server them only via a php script. That script can either update the counter itself, or make suer the user has gone via your index.

johanafm

Or set up your webserver to serve only php files.

dagon

johanafm;10935861 wrote:
Or set up your webserver to serve only php files.

most people like pretty pictures on there web pages to 😃

johanafm

Which can still be handled by a php file as well. But I get your point 🙂

BigJohn

I thought I had figured out a solution which was to use SESSIONS. What I did was to put this code at the top of my index.php page:

<?php
session_start();
$_SESSION['forward'] = "OK";
?>

Then at the top of each of my other pages I put the following:

<?php
session_start();
if(!isset($_SESSION['forward'])) {
  header('Location:index.php);
}
?>

Although this does seem to work, what is happening is that my users end up having to login twice if they initially by-pass the index.php page. It seems the redirect is causing this.

I'm still uncertain as to a solution. I can easily move the counter and login report scripts someplace other than in the index.php file, but then don't know how to trigger them regardless of which page the user might login to first. I wouldn't want the trigger to go off everytime they moved from one page to another.

dagon

why not log them with the login script.

BigJohn

dagon, can you be more specific and give me an example?

Basically all I'm trying to do is capture the username and save it along with the current date and time to use on my report. I get the user name with: $name = getenv("REMOTE_USER"). Obviously, I don't have any trouble getting the information, it is just a matter of how I get it only once each time a user logs into the web site - regardless of which web page they go to first.

dagon

Apache Basic authentication, rules out my preferred approach, you will need to either add the logging to each page(with an include) or have all requests go through a front end controller.

BigJohn

What is a front end controller?

BigJohn

I ended up putting the login and counter script into a separate file. Then used the include statement on all my PHP pages. It seems to work fine now. Thanks to all who helped.