Results 1 to 2 of 2

Thread: Security

  1. #1
    Join Date
    Dec 1969

    Default Security

    Dear Sir ,I have developed a site called for our company clients.I this site we craeted different folders to each client to maintain their accounts.Clinets has to enter the site using their username & password to access their files from their folder.I have created folders like a,b,c,.....IF one client enter with his username & password, the url looks like same client can visit the other clients files also ,if he simply changes folder name to &#039;b&#039; instead of &#039;a&#039;. ie. to<BR>SO i want to avoid this to maintain security to each clients folder.clients should not allowed to access folders of other clients.<BR>So i request you slove my problem as soon as early.<BR>plz send details to my mail id<BR>Thanking you,<BR>best regards,<BR>Kareem.

  2. #2
    Join Date
    Dec 1969
    Los Angeles, CA

    Default Easy

    Just store the folder name in the db...when you validate a login retrieve the folder name.<BR><BR>Before you display the data ensure the folder name YOU selected is in the URL and NOT something else. if it exists...redirect to a page informing th user he does not have permissions or maybe just a message and a response.end.<BR><BR>

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts