Securing Directories with PHP

PPowerHouseK

Hello,

I want to secure directories for specific users. I have attempted to do this with a simple index.html or index.php that looks like the following code. This works for anyone who types in the browser, but is they type the file name, it still lets them view it.

<?php
session_start();
if(!isset($_SESSION['logged_in']))
	{
		header("Location: denied.html");
	}
else if( $username !== "Admin")
	{
		header("Location: denied.html");
	}


?>
<html>
<head>
<Title>Denied
</Title>
</head>
<body><center>
<br><br>
</body>
</html>

Any help on this would be much appreciated.

dagon

if they are php files you need to add the code to every file in the dir.

PPowerHouseK

What if they are just a bunch of pictures, .log and .txt files? How can I secure them?

dagon

store them outside the webroot and server then through a php script