Password protection for a single directory

PHP
1

Hi Guys,
I’m wondering how I can achieve a password protection for a single directory that’s created from the copydir() command.

To give you an idea what I mean: I created a form that allows users to copy a website by selecting a source and creating a new directory to copy the source too.

Now in that new directory copied from the source will be another directory containing the user end of my lite CMS i created.

So what’s the best way for the user to gain secured access to his folder?

I’m thinking that when the user just needs to set a password when creating the dir in the original form but then if I had multiple users with their own directory other users could open somebody else’s directory by changing the URL…?

I’m afraid I’ve relied on using scripts that use member levels.
I’d appreciate if somebody could point me in avenues of research for this topic or any actual help in general.

Here’s the code incase I didn’t explain it to clearly:
Form

<body>
<form action="mkdir.php" method="post">
  <p>
    <label>
      <input type="radio" name="style" value="template1" id="RadioGroup1_0" />
      Corprate</label>
    <br />
    <label>
      <input type="radio" name="style" value="template2" id="RadioGroup1_1" />
      Music store</label>
    <br />
    <label>
      <input type="radio" name="style" value="template3" id="RadioGroup1_2" />
      Metal Band</label>
    
      </p>
  <p>
      Name of Buisness:
      <input type = "text" name ="folderName">  
  </p>
  <p>
    <label>
    <input type="submit" name="button" id="button" value="make it!" />
    </label>
    <br />
  </p>
</form>

create site:

//Get dirName from form string and create dirs
$_SERVER['QUERY_STRING'];
$folderName = $_POST['folderName'];
$path = "../";
$d = $path . $folderName;
mkdir($d, 0777);

$_SERVER['QUERY_STRING'];
$adminFolder = "admin";
$adminPath = "$d";
$admindir = "".$adminPath."/".$adminFolder."";
mkdir($admindir, 0777);

$_SERVER['QUERY_STRING'];
$imgFolder = "images";
$imgPath = "$d";
$imgdir = "".$imgPath."/".$imgFolder."";
mkdir($imgdir, 0777);

//Get file source from radiobtn
$_SERVER['QUERY_STRING'];
$usrForm = $_POST["style"];
//clone files
$source = "source/$usrForm";
$destination ="$d";
copydir("source/$usrForm","$d");

function copydir($source,$destination)
{
if(!is_dir($destination)){
$oldumask = umask(0);
mkdir($destination, 01777); // so you get the sticky bit set
umask($oldumask);
}
$dir_handle = @opendir($source) or die("Unable to open");
while ($file = readdir($dir_handle))
{
if($file!="." && $file!=".." && !is_dir("$source/$file"))
copy("$source/$file","$destination/$file");
}
closedir($dir_handle);
}
//clone imgs
$source = "source/$usrForm/images/";
$destination ="$imgdir";
copydir("source/$usrForm/images/","$imgdir");
echo "copied images";

if (!function_exists('copydir')) {
   function copydir($source,$destination)
{
if(!is_dir($destination)){
$oldumask = umask(0);
mkdir($destination, 01777); // so you get the sticky bit set
umask($oldumask);
}
$dir_handle = @opendir($source) or die("Unable to open");
while ($file = readdir($dir_handle))
{
if($file!="." && $file!=".." && !is_dir("$source/$file"))
copy("$source/$file","$destination/$file");
}
closedir($dir_handle);
  }
}
//print
echo "<a href=\\"".$d."/index.htm\\">Click Here</a>";

?>
2

sound good, will give it a try, thanks

3

Use your PHP script to write an HTACCESS and HTPASSWD file into the new CMS directory, using the supplied password?