Basically you need first to authorise the user. Check the username and
password against an entry in a user table in the database.
If you are using sessions set a variable that makes the session authorised,
you are not using sessions then you need some sort of session management. (I
have the code, contact me off list if you want it )
if(login ok) $authorised = 1;
At the beginning of any page you want protected
if(!$authorised) die ('you are not authorised to view this page etc etc');
will do the trick
regards
Peter
-----------------------------------------------
Excellence in internet and open source software
-----------------------------------------------
Sunmaia
www.sunmaia.net
[EMAIL PROTECTED]
tel. 0121-242-1473
-----------------------------------------------
> -----Original Message-----
> From: Achilles Maroulis [mailto:[EMAIL PROTECTED]]
> Sent: 08 December 2001 08:10
> To: PHP mailing list
> Subject: [PHP-DB] Passwords
>
>
> Hi folks.
>
> I have a quetion for you which maybe a little silly as I'm still
> new here..
> I want to build a database in which access will have only
> registered memebers, so I need to protect it. The database will
> have over 100000 records and hopefully over 1000 users-visitors.
> Everyone of them is going to have his own password. I suppose I
> will have to build a table with usernames and encrypted passwords
> but what I don't know is how to protect the pages not to be seen
> without authorization. At first I thought about the .htaccess and
> .htpasswd files but I'm not sure yet...
> Can anyone suggest the best way to protect my database? If it is
> to complicated to be explained in an email please suggest just
> the functions names and I'll try to find the way...
>
> Thanx
> Achilles
>
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
