hi Vinny,

On 7/13/05, Vinny Lape <[EMAIL PROTECTED]> wrote:
> If user validates then look at db entry location then redirect to
> mydomain.com/"location"/index.php

i don't think it's a good idea. what if the user bookmarked or took
down a notice with the URL to your "secured" page
(mydomain.com/location/index.php)? then he would just type the url
heading directly for the bypassing your login page! i think u might
want to put the user authorization code in your index php or even
better put it in a file and require() that file at the top of of any
page u want to protect. you can either use sessions or plain HTTP
authentication  (which is not a very good idea).


PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to