Sandbox

Hi all,
Not really sure where to put this question, so here goes:
I have a php application hosted on a difrent server than my joomla site due to the need to use a diffrent database.
To put it out there I have it in a wrapper on my site. Still, I would like to verify that ppl have at least logged into my site (prevent direct access, that is). I tried to get a $_SESSION object going, but it seems to be empty so I guess either joomla login is handelled diffrently or the object is simply not accessible to the wrapper.

Anyone know if there is passed any information to the wrapper that might be useful to me? Any ideas would be appresiated, really

And finally, thx all for a very friendly and useful forum 

So are you needing write code in order to do this?
Or are you just asking how to restrict access to the wrapped page with the application on it?

I aready have restricted access to the wrapper by making it only available to registered users. But still I would like to write some code into my application to verify that they actually access it through my site. It this was a component I could have in joomla I know I could write something like defined("_JX... something.

In other words I would like to force ppl to go there through the site (and login) and not by accidentally stumbeling upon my application by chance or as someone did; reading the source code and finding out they could just go to http://myappdomain.net/myapp.php rather than logging into the site first.


Thx for all answers guys.

Put this:



at the top of your wrapper.  That will kill requests for direct access.

Unfortunately, this didn't do the tric. Gives me the Restricted access message even tho I access it through the wrapper on the site

You have to use some XSS techniques (-X-Cross Site Scripting) in order to pass variables between both applications; this way you can write some logic to block direct access and construct the wrapper mechanism.

Saludos.