One other problem is that I need to know the page the came from in order to
reload it. i.e. if they try to access a restricted page from six.html I
want to reload six.html - if they try from eight.html then eight.html needs
to be reloaded.
----- Original Message -----
From: "David Otton" <[EMAIL PROTECTED]>
To: "Beauford.2002" <[EMAIL PROTECTED]>
Cc: "PHP General" <[EMAIL PROTECTED]>
Sent: Sunday, March 23, 2003 12:37 PM
Subject: Re: [PHP] reloading a page..
> On Sun, 23 Mar 2003 12:15:25 -0500, you wrote:
>
> >Not sure why things like this are so difficult. I have an authentication
> >script which allows users access to certain pages based on their user
level.
> >If they click on a link to go to a page their not allowed to, I want to
be
>
> First, why are the pages they can't access displayed as active links?
>
> >able to just reload the page their on and display a message saying they
are
> >not authorized to view that page - do you think I can get the page to
>
> You don't need to reload the page. At the top of each page, put your
> check routine.
>
> if (access_granted == FALSE) {
> show_access_denied_message;
> exit;
> }
>
> show_regular_page;
>
> >reload.....I've tried the header thing (but can't because headers are
> >already sent),
>
> Either rewrite your page so the security check comes before any output
> is sent, or use the output buffering functions (ob_start(), etc)
>
> >I've tried playing around with $PHP_SELF with no luck, I've
>
> That's passed to the script from its environment... changing it will
> have no effect on the script's environment.
>
> >looked for javascripts with no luck. Anyone have any ideas?
>
> You can't rely on Javascript for security.
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
