What you should do is check the session variable from within PHP. If it
doesn't exist, you redirect to a PHP authentication form.
So at the head of each page you need something like:
if(session_is_registered("logged_in") == false)
header("location: login.php"); // redirect to login page
// continue on here
And in your PHP authentication form, you register the logged_in variable
after the user details have been authenticated:
// user details have been authenticated at this stage
$logged_in = true;
header("location: somepage.php"); // redirect to the page they were
originally going to
> I have been using the .htpasswd/.htaccess convention to authenticate our
> 3000 employees.
> I want to move away from the .htpasswd/.htaccess convention and use a PHP
> form to authenticate against the database.
> I can create the PHP authentication page, no problem, but how do I check
> authentication on the thousands of HTML pages I already have on the site?
> For several reasons I don't want to do cookies. Can I set a session
> authentication form?
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]