> What I do on my pages is perhaps a convoluted way of doing it but it
> works.  I set a username and password session variables. Every time
> page loads the script verifies the username and password are correct.
> not, they don't get to see the rest.  This, in my mind, pervents
> from supplying a key variable like $_session['logged_in'].  This way
> have to know the username and password.

But users can't supply session variables. So if your script sets
$_SESSION['logged_in'], then only your script can change it's value. 

---John Holmes...

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to