I wish to limit use of files in Apache. A listing of restricted files ought to be variable. If your file access is fixed along with a specific cookie isn't found, the consumer ought to be rerouted to some website (with possible ways to obtain the cookie) - whether it was discovered, the file is going to be "loaded".

I must solve this issue with mod_rewrite.

My thought is the fact that I redirect all demands to some handler.php script.

This "handler.php" searches for the request and decides when the access is permitted. Not a problem until here.

The issue is now, that - when the access is permitted - the file needs to be loaded. Therefore, I don't be aware of mime, filesize etc.

Of couse, I possibly could write something similar to

if ($ext == '.jpg') header('Content-Type: ...')

However I don't want to make use of this solution, since I wish to process ALL POSSIBLE files (png, presen, exe, mp3, zip, ETC). The issue is which i cannot know all mime types.

It is always good basically could call Apache (inside a subrequest) to load the file (this time around with no handler.php).

During my situation I don't want to safeguard assets the strict way like mod_auth, since i have simply want to give a disclaimer to mature content (attracted artwork which consists of bloodstream and isn't great for children). If your cookie wasn't found, I must show the disclaimer, and when the cookie can there be, I'm able to show the image.

Thinking about you want to bar use of all assets within given path, it appears in my experience that maybe Apache authorization is the foremost wager for you personally. It is a considerably cleaner solution than by hand checking the session on every resource request, and also you will not encounter this content type handling problems that you are explaining.


For the reason that situation, It is best to consider dealing with snacks and .htacces.

RewriteEngine On

RewriteBase /

RewriteCond % !CookieName= [NC]

RewriteRule .* http://world wide web.example.com/people/login.php [L]