I'm currently trying to use a script that ensures users are logged into a central sign-on system.
The problem is that any files, including PHP and image files, in this sub-folder are not accessible when included, whether simply when using <?php include 'file.php' ?>
, just as an image, i.e. <img src="image.png" />
, etc.
The code that I am using in the .htaccess file is below:
RewriteEngine on
# The original URL is set as an environment variable SSO_REQUESTED rather than
# a query parameter, so it's not vulnerable to hacking.
# It shows up in PHP as $_SERVER['REWRITE_SSO_REQUESTED'].
RewriteCond %{REQUEST_URI} !ssoclient
RewriteRule (.+) /sso/ssoclientfilter.php [E=SSO_REQUESTED:$1,L]
Any help here would be greatly appreciated.