Pages protected with a string.

[manuzuzu1010]

Hello all,

 
Sorry to bother you with  my ignorant questions. I am a noob PHP-er and will probably never be  good in this. I am trying to accomplish something and I hope you all  can point me in the good direction of designing it myself or to a  free open source script that I can edit.

 
How I explain it may seem  very strange as I do not know all the technical words so feel free to  ask me what I mean.

 
There should be two parts  of my site:

 
- mydomain.com/

 
and

 
- mydomain.com/newfolder

 
MYDOMAIN.COM/
This part of the site  basically has 1 page (mydomain.com/index.php).
This scripting on this  page has to be working together with a MySQL database (another thing  I do not know much about). On entering the script has to make a  random string (say: fjh9Yj098xT). This string has to be entered as a  record in the database, along with a time stamp an validity (lets say  by example 4 hours or 14,400 seconds).
After this it has to  redirect you to mydomain.com/newfolder with a special URL.

 
MYDOMAIN.COM/NEWFOLDER
This is where the main  part of the website is held and it will probably have around 200  pages.
To make clear what page  you will go to the URL will look something like “index.php?page=1”,  although typing that URL into the address bar will not work. It has  has to be combined with the string that was created on  mydomain.com/index.php.
If the landing page is  page 1 you will land on mydomain.com it will route you to  “mydomain.com/newfolder/index.php?page=1&string=fjh9Yj098xT”.  On entering the page has to check in the database if that string is  existing and of course still valid (as we put on a time limit of  4  hours or 14,400 seconds).
If this is all okay the  page will show as normal and from there you can click to other pages  (by example  index.php?page=2&string=fjh9Yj098xT,   index.php?page=3&string=fjh9Yj098xT,   index.php?page=3&string=fjh9Yj098xT, etc. Every page will do the  same check in the database (does the string exist and is it still  valid).

 
Say someone tries to make  up his own string (example:  “mydomain.com/newfolder/index.php?page=1&string=aaaaaaaa”),  the page will notice this string has never existed and show a text  like “Sorry, you are not authorized to view this page.”.
If someone tries to use an  old string (say he bookmarked a page) and goes to  “mydomain.com/newfolder/index.php?page=1&string=fjh9Yj098xT”  any time after the 4 hours when it was still valid. It will give a  different message for example: “Sorry this session has expired”.

 
Security does not have to  be so high that only the person that has the string can see the site.
Lets say I browse trough  the site and I think “index.php?page=132&string=fjh9Yj098xT”  (page 132) is very interesting and I put it on Twitter, anyone that  clicks on that link withing the time limit will be able to view it  and browse trough the site.

 
There is one more thing  that I am worried about and that is “linking”.
Lets say on all pages I  have a menu that has 5 links on on it. How do I accomplish that those  links will have “&string=fjh9Yj098xT” after them, so people  will be able to view them?

 
I hope you all can point  me in the right direction and again apologies for my ignorant  questions.

 
Also thank you all in  advance for all your answers and help!

 
Manu

[RobPuck]

I understand what you mean, But I need more information.
 
One is this a pay site?
If so then it should work once payment is complete update mysql where username paid
 
if this is not a paid site then just use a register and login script to register into mysql and once registered login to website/newfolder.
 
and if you want to set it u[p where the users has x amount of time in this folder setup some timer script to log the username out and lock the account out untill payment is complete again.
 
I dont know really all the scripting code off hand but google search will help you get started with coding.
 
GET A LAY OUT PLAN.
First think how it works.
1 Create a registration page. php to insert into mysql.
2 Create a login page .php to login and pull the correct data back to client.
3 Test and make a new field in mysql to check if the account has paid = 1 non pay = 0
4 Then go back to login php script to check if filed paid in accounts is a 0 or a 1 if one login.
5 once all that works the correct way. then work on making a php payment script.
6 Payment script willl do some thing like this.
7 Add  the free information page once login but not with full access called subcribe or buy now.
8 Once the user clicks that button they get driected to paypal or some other money system.
9 once payment is complete  the script will update the filed paid to 1. or some thing.
TEST AND RETEST OVER AND OVER AND SEARCH YOULL: GET IT.

[manuzuzu1010]

No it is not a paid site.
It is purely to keep the URL's changing, but still easy to access from mydomain.com/index.php.


I am also not thinking about a login, purely as you cannot send the link to other for viewing within the time limit.
In that case you need to be logged in.