At 04:12 PM 8/12/2002 +0100, Pag wrote:
Here is my humble, but relatively effective solution for a low security site.
Create a file called security.php and require it at the head of every
secure page. This is the one I use.
<?
session_start();
if(!session_is_registered("userinfo"))
{
echo "<h1>You are not logged in. Please do so.</h1><BR>";
echo "<a href=\"login.php\">Login Here</a>";
exit;
}
else
{
echo "You are currently logged in as: $userinfo[name] <BR>";
echo "If you are not $userinfo[name] please <a
href=\"logout.php\">Logout</a>.<BR> Thank you.<BR><BR>";
}
?>
All you need your log in script to do is check the user name and password
against what is stored in the database and register a session.
You can store lots of useful information in the session as well. I find it
useful if you want to give different users different permission
levels. That way you can late check the session data to see if they have
permission to update the news, or publish an article.
Nick
> Well, first off sory for a very basic question, but i really dont
> know where else to look for the answer. Heres my dilemma:
>
> I need to code a backend for this site i am building, the backend
> will manage the news for the front page. The database stuff is pretty
> straight forward (so far!), but i need to validate who does the managing,
> i mean, some sort of login for only a few people. I am thinking of using
> username/pass from a table and all that but the thing is, how do i do the
> validating itself? Sure i know how to check for valid user/pass, but then
> what happens for the rest of the pages inside the backend, how do i keep
> the user validated and make sure only he can browse inside that "secure"
> mini site?
> Dont know if i am explaining things right, hmm, ok, any of you
> guys are familiar with gryematter? It validates the user at the start and
> then we can do whatever we want inside. I want to prevent users from
> skipping the login and just typing the other page url and go on from there.
> I use sessions, cookies? what? can you provide me with some urls
> for my research, or at least what to look for?
> Thanks a lot, really appreciate all the help.
>
> Pag
>
>
>
>--
>PHP General Mailing List (http://www.php.net/)
>To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
