If it's simple security then you might want to use an .htaccess file instead
of coding something.
More complex solutions involve asking the user for credentials, validating
those credentials and then storing something in the $_SESSION that indicates
that this user has been validated.
It can be something as simple as $_SESSION['isOK'] = true; to creating a
Person object with various credentialling information and storing it.
$_SESSION['currentMember'] = new Person();
$_SESSION['currentMember']->setLogin('myUserName');
$_SESSION['currentMember']->setPassword('someSillyPassword');
$_SESSION['currentMember']->load();
if !$_SESSION['currentMember']->isA('SYSADMIN){
die("Begone form here you freakin' script-kiddie!");
} // if !$_SESSION['currentMember']->isA('SYSADMIN)
// normal code goes here.
In the above example it is assumed that you have created a Person object to
deal with everything.
HTH,
=C=
*
* Cal Evans
* The Virtual CIO
* http://www.calevans.com
*
-----Original Message-----
From: Pag [mailto:[EMAIL PROTECTED]]
Sent: Monday, August 12, 2002 10:12 AM
To: [EMAIL PROTECTED]
Subject: [PHP] security login
Well, first off sory for a very basic question, but i really dont know
where else to look for the answer. Heres my dilemma:
I need to code a backend for this site i am building, the backend will
manage the news for the front page. The database stuff is pretty straight
forward (so far!), but i need to validate who does the managing, i mean,
some sort of login for only a few people. I am thinking of using
username/pass from a table and all that but the thing is, how do i do the
validating itself? Sure i know how to check for valid user/pass, but then
what happens for the rest of the pages inside the backend, how do i keep
the user validated and make sure only he can browse inside that "secure"
mini site?
Dont know if i am explaining things right, hmm, ok, any of you guys are
familiar with gryematter? It validates the user at the start and then we
can do whatever we want inside. I want to prevent users from skipping the
login and just typing the other page url and go on from there.
I use sessions, cookies? what? can you provide me with some urls for my
research, or at least what to look for?
Thanks a lot, really appreciate all the help.
Pag
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
