KomplikatedOne Posted September 8, 2011 Share Posted September 8, 2011 (edited) ive got this working perfectly in firefox and chrome, using : ($_SERVER['SCRIPT_NAME'] != DIR_WS_ADMIN . "orders.php") && but in IE8, its not applying any kind of security, allows the login access to all? if i use the original ($PHP_SELF != DIR_WS_ADMIN . "orders.php") && it doesnt allow the login to access anything at all? full code below: if ( ($PHP_AUTH_USER=='admin1') || ($PHP_AUTH_USER=='admin2') || ($_SERVER[REMOTE_USER]==admin1) || ($_SERVER[REMOTE_USER]==admin2) ) {; } else { if ( ($_SERVER['SCRIPT_NAME'] != DIR_WS_ADMIN . "orders.php") && ($_SERVER['SCRIPT_NAME'] != DIR_WS_ADMIN . "invoice.php") && ($_SERVER['SCRIPT_NAME'] != DIR_WS_ADMIN . "index.php") && ($_SERVER['SCRIPT_NAME'] != DIR_WS_ADMIN . "login.php") && ($_SERVER['SCRIPT_NAME'] != DIR_WS_ADMIN . "packing_slip.php") && ($_SERVER['SCRIPT_NAME'] != DIR_WS_ADMIN . "customers.php") ) { die("<br><br><center>You are not authorized to view this page.\n\n</center>"); } } ?> shame as it looks to be quite useful and should be fairly simple going to try in IE9 next see how it behaves Edited September 8, 2011 by KomplikatedOne Quote Link to comment Share on other sites More sharing options...
damies Posted July 5, 2013 Share Posted July 5, 2013 Hopefully I can help you understand why you are getting the inconsistencies between $PHP_SELF and $_SERVER['SCRIPT_NAME'], $PHP_AUTH_USER and $_SERVER[REMOTE_USER], etc. Basically, as I understand it, $PHP_SELF is the old (deprecated) method that required Register-Globals on and most hosing companies wouldn't turn it on anyway. $_SERVER seems to be the way forward and doesn't require any special server settings. See here for the full explanation: http://www.php.net/manual/en/faq.using.php#faq.register-globals Dave. Quote Link to comment Share on other sites More sharing options...
oldcelt Posted November 5, 2014 Share Posted November 5, 2014 As the last post in this thread was 2013, is there an updated, working version of this (allegedly) simple access control script please? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.