Hidden URL

Hello! I would like to be able to access a password protected directory by

setting the userid and password within my script (HTML/Java Script/Perl - whatever).

I am creating links (on the fly) to the files in the passowrd protected directory

if the user is a valid member (based upon a database lookup). The members'

userid and password IS NOT the same as the userid and password to access the

directory as there are many members - one directory (therefore one userid and

password).



Sure, I could simply create the link as follows provided the member is valid:



http://userid:[email protected]/file.html



but then everyone knows the userid and password and can send it to anyone.

Is there an HTTP variable that I can set that tells the server the user is valid?

Something that will simply allow me to create the link as:



http://www.domain.com/file.html



Or - is there a way to encrypt the userid and password in the URL?



Thanks!

CA




Comments

  • While this isn't the most secure way, you might try looking around for the GateKeeper script. it works like this:



    1) prompt user for "password"



    2) Try to access page using:

    http://www.theserver.com/directory/password.html



    Where password is what they entered in the box prompt, and the .html (or .htm) is tagged on to the end of it.


Sign In or Register to comment.

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Categories