why don't u do something like if (!username) { you can not access this page } else { //page content }
? that's a quick fix but might be all you need to do.. > -----Original Message----- > From: Tim Thorburn [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, 23 July 2002 5:01 PM > To: [EMAIL PROTECTED] > Subject: Re: [PHP] redirecting after login > > > > > > >Once they've been redirected, can they just bookmark the resulting page > >and never have to log in again? > > > Actually, yes - after a couple hours of playing around with the login and > finally getting the Meta tags to work for me, I found that if the person > were to simply type in the URL of the protected page, they would > have full > access. Right now I'm playing with sessions and global sessions > to try and > correct this problem. Although its not working as well as I had hoped. > > Basically the plan is for all users to goto Page 1 - the login page, and > then be re-directed to their proper destination - Page 2. But, > if a clever > bad person were to simply type in the URL to Page 2 they could > have access > to the database and run amuck. So I added a line checking to see if the > session from Page 1 is registered, if not, goto Page 1. That > part works - > what doesn't work is after they login to Page 1, the redirect > sends them to > Page 2 and right back to Page 1 because the global session isn't staying > registered. > > Since its 2am I'm quitting for the nite ... but maybe some friendly > European people awake at this hour might have an idea on this > one? Or even > friendly caffeine addicts on the side of the pond :P > > Thanks > -Tim > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php