DescriptionSometimes it is necessary to restrict the access to a file, to a complete folder, to a admin area or to specific file extensions like movie files. Of cause you can use a .htaccess file or create every time again a small login page but .htaccess is not very flexible and user friendly and programming everytime a new login page is very time consuming. Instead you can use “FileProtect”. It is that simple to implement: change the settings in the login.php to your need, copy 4 lines of code and upload the files. Try it – you won’t never use another way of protecting your files.
The installation of “FileProtect” is very simple. Only 5 steps are necessary:
- Change the ‘Settings’ of the login.php to your need (FileProtect will run without any changes but all settings are also well documented)
- Replace the fileprotect_logo.png with your desired logo
- Copy the ‘4 magic lines of code’ from the login.php at the beginning of the file that should be protected (in most cases index.php)
- upload all files to the desired folder
- test it
The 4 magic lines of code are: (add this php code to all .php files that should be protected)
include "fileprotect/fileprotect_class.php"; session_start(); $fp = new FileProtect; $fp->CheckAccess();
- “FileProtect” is simple and flexible
– it integrates perfectly at every time of your project. Existing files or struktures never have to be renamed or changed.
– only 4 lines of code to protect a file
– runs out of the box without any changes
- no database required – but ready to work with an sql database
- Username or Password could be defined in the settings or could be read from any sql database
- ready to deal with md5 encrypted password
- individual help text at the login page possible
- Automatic .htaccess creation to redirect from non-existing files and subfolders back to the login screen
- Possibility to protect specific file extensions from direct access
- German and English Translations available. Easy to extend with other languages due to standardized language files.
- resistant against BruteForce attacks
- check out the demo at http://www.bigtoe.de/demo/fileprotect
UpdatesVersion 1.3: Prevent error message if there is no login attempt. (Dezember 19th, 2019)
Version 1.2: I added a new function to define the target file for redirecting after a successful login. Also there is no error message until the login form is not submitted.
Version 1.1: I updated the documentation and included the possibility to protect specific file extension in the protected folder (and subfolders).