Aaron,
The way to do it is to have an authentication page where users log in. A successful login starts the session, on each subsequent page test for the session and if it is not present, redirect to the login page. This test is just one line at the top of each page you want to protect.
This way if someone comes to a members page through something like Google, they will be redirected automatically to the login page.
Trust this his helpful - Miles Thompson
At 11:42 AM 8/5/2004, Aaron Todd wrote:
Hello,
I am trying to build up a members only site, but I need some direction. So far I have written a page that will let a user register for access. That script emails me their info so I can validate it, sends them a "thankyou" email and then sends the data to a temporary MySQL database table. In the email that I get I created two links. One will send the user an acceptance email and put their info in a final database table. The other will send the user a Deny email and will delete their info from the temporary database table.
I have also created a login script that will ask for a username and password and verify it with the database. If its all correct then it will redirect you to a restricted page.
The direction I need is how do I go about restricting access to the members only pages? I have been reading up on sessions, which I think will be a cool addition to this site, but I still havent found much on restrictin access without a username and password. Currently my login and registration pages are located in the root of the domain. The all the members only pages are in a directory called /members/.
Can anyone give me some direction on how I should go about all this.
Thanks,
Aaron
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
