How can I use the logging function to use suPHP permissions. For example, if I have a website at www.example.com and the following two users with their own home directories, each of which has a PHP script test.php and validateUser.php script belonging to another user (root, www-data, apache .. .) in the /home directory.
/ home /
βββ validateUser.php
βββ user1
β βββ test.php
βββ user2
βββ test.php
user1 can access user2's script by visiting www.example.com/user2/test.php and vice versa. Instead, I want to forward all incoming requests using mod_rewrite to validateUser.php . However, in this case, the execution of all scripts will be executed as the owner of validateUser.php , and not the target test.php script.
Is there a php script call at all before suPHP starts working, and then either allow suPHP to continue, or completely abort.
EDIT . This is the second award that I put. The first thing I gave Gustav b / c, he gave a good partial answer . I mentioned what I have done so far and why none of them work for me.
1) I tried using mod_rewrite to redirect the url to validateUser.php to log in to the user or call the script they wanted to call. The problem is that I set my virtual hosts in such a way that each user has their own virtual site (i.e. www.user1.example.com , www.user2.example.com ... if this is a bad design approach , feel free to roughly indicate it). Therefore, although the OS sees the file structure as indicated above online, the root directories are configured as such
VirtualHost = www.user1.example.com βββ validateUser.php βββ test.php VirtualHost = www.user2.example.com βββ validateUser.php βββ test.php
Naturally, I just moved a copy of validateUser.php to each user directory. The problem is that now the user can delete this file and put everything there that he wants, for example, does not require a login at all. By the way, to make the home folder sticky (not what I would ever recommend doing in the home folder) and make validateUser.php owned by root. But now it will run AS root, since it is suPHP. Where I gave up.
2) I could use the Gustav mod_auth , but I donβt like the fact that it requires a password in front (like old school websites).
3) I considered option 1) if I could redirect between virtual hosts. For example, restructure virtual hosts this way
VirtualHost = www.user1.example.com βββ test.php VirtualHost = www.user2.example.com βββ test.php VirtualHost = www.admin.example.com βββ validateUser.php
Then use mod_rewrite to redirect all traffic from users to www.admin.example.com/validateUser.php , and if the user is logged in (or if the login is completed successfully), the user is redirected back to the site from which they originally tried to log in. The advantage of this, even if possible, is that suPHP will not work until the user returns to his virtual host.