Home/ Questions/Q 6590523
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-25T17:18:39+00:00

I’m currently trying to use a script that ensures users are logged into a

  • 0

I’m currently trying to use a script that ensures users are logged into a central sign-on system.

The problem is that any files, including PHP and image files, in this sub-folder are not accessible when included, whether simply when using <?php include 'file.php' ?>, just as an image, i.e. <img src="image.png" />, etc.

The code that I am using in the .htaccess file is below:

RewriteEngine on
# The original URL is set as an environment variable SSO_REQUESTED rather than
# a query parameter, so it's not vulnerable to hacking.
# It shows up in PHP as $_SERVER['REWRITE_SSO_REQUESTED'].
RewriteCond %{REQUEST_URI} !ssoclient
RewriteRule (.+) /sso/ssoclientfilter.php [E=SSO_REQUESTED:$1,L]

Any help here would be greatly appreciated.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    If the point of your code is to make sure that your users are logged into a central sign-in system wouldn’t the PHP code:

    <?php

if (!isset ($_COOKIE[ini_get('session.name')])) {
     session_start();
}else{
     print "<SCRIPT>window.location='/sso/ssoclientfilter.php';</SCRIPT>";
}

    In the above code, anyone without a session previously started gets directed to your ssoclientfilter.php and your other images and folders aren’t touched. This placed where your session_start() is located should cover your issue.

    • 0