This may well be simple, but I’m new to Drupal. The organization I work for switched to Drupal a little while ago, but there’s still some legacy code in various external PHP files that would be cumbersome to convert over to work within Drupal.
However, it would be very nice to be able to restrict access to some of these pages based on a person being authenticated against Drupal. (Some pages are administrative and are currently visible to anyone who knows the URL, for instance. Yes, poor design, but that’s what I inherited…)
How can I check with Drupal, from an external PHP file, to see if the person visiting a given page has authenticated?
I would go with Rimians suggestion of registering the URLs within Drupal itself (+1), but as an alternative, you can bootstrap Drupal ‘manually’ and check a user permission after that directly from other scripts as well:
NOTE: Drupal does quite a bit of work during bootstrap, including some manipulation and setting of global variables, so make sure to check carefully for interferences/clashes with the legacy code (would also apply for Rimians suggestion).
If you want to restrict access to authenticated users only, you can replace the
user_access()call withuser_is_logged_in(). If you want to check by role, you can add aglobal $user;and check the contents of the$user->rolesarray