hea
a better way is to include your admin pages.
if ($myrow[Admin] == "Y"){
include("admin.php");
}else{
include("user.php") ;
}
so you can also include at the top of this example a general header with
menu's etc.
gurix
"Matt Stewart" <[EMAIL PROTECTED]> schrieb im Newsbeitrag
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> yeah, i know this, but i'm just trying to get this to work before i add
some
> security in there - passing sessions through etc to ensure they're logged
in
> as admin etc.
> it doesn't really have to be that secure for what i want anyway, but
> probably a good job you pointed that out ;)
>
> -----Original Message-----
> From: Fred [mailto:[EMAIL PROTECTED]]
> Sent: 04 January 2002 21:18
> To: [EMAIL PROTECTED]
> Subject: [PHP-DB] Re: Redirecting to a new page
>
>
> Please note, that this is a very insecure way of determining which page a
> person gets to view. All they would have to do is enter the admin.php url
> in the browser and they get admin access even if they are not admins.
>
> Fred
>
> Matt Stewart <[EMAIL PROTECTED]> wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > Can't find the right instructions on php.net, basically, i want a page
> where
> > someone logs in, and then according to the database entry for them,
either
> > they are an admin user or a normal user, and it should then send them to
a
> > page depending on which they are.
> > I've accessed the db ok, and checked which they are, then i've used
> >
> > if ($myrow[Admin] == "Y"){
> > print "Location:admin.php";
> > }else{
> > print "Location:user.php";
> > )
> >
> > this doesn't sem to work - just gives a blank screen with the standard
> html
> > headers and footers, rather than the desired location page.
> >
> >
> > ---
> > Outgoing mail is certified Virus Free.
> > Checked by AVG anti-virus system (http://www.grisoft.com).
> > Version: 6.0.312 / Virus Database: 173 - Release Date: 31/12/01
> >
>
>
>
> --
> PHP Database Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]
>
> ---
> Incoming mail is certified Virus Free.
> Checked by AVG anti-virus system (http://www.grisoft.com).
> Version: 6.0.312 / Virus Database: 173 - Release Date: 31/12/01
>
>
> ---
> Outgoing mail is certified Virus Free.
> Checked by AVG anti-virus system (http://www.grisoft.com).
> Version: 6.0.312 / Virus Database: 173 - Release Date: 31/12/01
>
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
