set a cookie, and delete it with a logout button or when the user leaves your domain
"Joe Van Meer" <[EMAIL PROTECTED]> schrieb im Newsbeitrag [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hi there. I'm new to php and would like some insight on securing a website. > Upon successful login to my site (checks against database for username and > password) I assign a session variable called '$islogged' to 'yes'. On all > other pages throughout my site I use the following code to determine if this > variable is set, and if not redirect them to the login page. > > if($islogged = = "no"){ > > header("Location:index.php"); > } > elseif(EMPTY($islogged)) > { > header("Location:index.php"); > } > > > This seems to work, however, if I close out my browser and say type in > main.php (this page has the above code) in the address bar I can still > access the page. How can I fix this? Is there something else I could be > doing to improve the functionality? > Any insights would greatly be appreciated. > > Cheers Joe:) > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]