How to access one file with .htaccess : deny from all

0
votes

I created a login page and I want to redirect me to a file which have .htaccess: deny from all The folder structure

main folder
 |-include
   |-connect
   |-.htaccess( with deny from all)
   |-index.php
 |-admin.php
 |-authenticate.php

Now: admin.php have the login which redirects me to authenticate.php which I want to redirect me to index.php but the .htaccess denied me this ( I use it to deny users to access the files from the include folder via address bar )...

In .htaccess I have the following lines of codes ?

Order deny,allow
Deny from all


<Files ~ "..\authenticate.php$">
  Allow from all
</Files>

I think this is a very noob way to protect the data but I have no idea how to protect it other way... I found on google how to deny all files except one . But the problem is that I want all files denied and to access them only when the login session is done and the user is authenticated...

1
php.htaccessredirect

1 Answers

0
votes

whenever someone try to access your folder by url, your index file will run and show the result. For authenticate a user to access folder, you check whether a user authenticated or not if not you will redirect back to authenticate.php and ask them to login.

For the sake of code:
| - authenticate.php Form Submited.
Valid user.
Store session.
Then Redirect to include/
| - include/index.php
check whether user validate and logged in with session check.

Here is some good stuff to learn handle logged in user with php
http://phppot.com/php/php-login-script-with-session/