I have a weblog type script I'm building for a friend where there are main 
posts then comments - Registered users can post comments, unregistered don't 
even have the option.  I was thinking of making a page where a user logs on, 
then it registers a session with a few variables like $sid, $username, etc.  

IF a user is logged on, they can post, if not they don't even see the option. 
Instead of doing a SQL query everytime they look at the posts, I was thinking 
of registering a variable called like $true where if they're logged on, it's 
set, and if it's set they see the option to post.  The only thing I'm worried 
about though is that someone could probably figure out to type in something 
like comments.php?true=1 and that would allow anonymous posting, which I 
don't want.  Is there anyway to set a variable that can't be set in a query 
string?  Or, is there even a better way of doing something like this?

Sorry if I don't make much sense in this question, explaining what a script 
is supposed to do is kind of difficult for me :)

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to