jck has asked for the
wisdom of the Perl Monks concerning the following question:
For many years, I have been using Randall Schwartz's script to password protect an area of our organization's website.
Recently, members have requested that we post links to PDF files that are confidential for member's eyes only. But, obviously, if I just put the link to the file into one of our protected pages, there's nothing to stop someone from sending that link to a nonmember who can access the file by pasting the URL into a browser.
I would like members to be able to access the file if their logged in, and not require them to enter another password to unlock the file (ie by password-protecting the file).
Can anyone suggest a way for me to check that a member is logged in before loading the file, and redirecting the login page if they aren't logged in? I'm worried about creating a self-referring loop.