Need help implementing PHP sessions in suPHP

Question

I asked this question before here but user CheekySoft pointed out that I was \"asking how to implement my proposed solution\" where instead I should just \"state m

Answer 1

How about creating an apache rewrite rule for all the users and create one single PHP wrapper for all the HTML pages

The RewriteRule could be something like:

RewriteCond %{REQUEST_URI} !^/auth
RewriteRule ^(.*) /auth/wrapper.php?uri=$1

And in wrapper.php:

1. Check if user is validated. If not, redirect to /auth/validate.php?redirect=<where-I-came-from>

2. If validated, load the file mentioned in uri=<...>

   echo file_get_contents('<...>');

EDIT: You can create symbolic links to the wrapper.php and then set the permissions on the symbolic link to the user. you could do this in the auth folder:

ln -s wrapper.php username1.php
chown -h username1:username1 username1.php

Then you wil get a folder like this:

-r--r--r--. 1 var-www   var-www   15 march   3 12:45 wrapper.php
lrwxrwxrwx. 1 username1 username1 17 march   3 12:47 username1.php -> wrapper.php
lrwxrwxrwx. 1 username2 username2 17 march   3 12:52 username2.php -> wrapper.php
lrwxrwxrwx. 1 username3 username3 17 march   3 12:52 username3.php -> wrapper.php

Please note: The user must be able to read the auth directory To make it even more secure you can put the wrapper.php in a separate directory.