On Sat, 2006-10-28 at 22:57 +0100, Mark Mckee wrote:
> hi all
>
> im having a little trouble with a login script. all works fine but i can
> still access the admin pages with the full url. do you have any pointers
> on how i can solve this?
You have to check that they are logged in on every page that they must
login to access. I am doing something similar on one of my sites. At the
beginning of each page they must login to access, I am checking for the
login. If they are not logged in, then I am redirecting them to the
login page.
I am using sessions in mine, but you should be able to easily adapt this
for cookies. Something like this (WARNING: this has not been tested):
// If the user and pass cookies are not set, redirect to the login page.
if ( (! is_set($_COOKIE[user])) && (! is_set($_COOKIE['pass'])) ) {
header("Location: login.php");
}
HTH,
--
Doug
Registered Linux User #285548 (http://counter.li.org)
----------------------------------------
Random Thought:
Life is not for everyone.
Community email addresses:
Post message: [email protected]
Subscribe: [EMAIL PROTECTED]
Unsubscribe: [EMAIL PROTECTED]
List owner: [EMAIL PROTECTED]
Shortcut URL to this page:
http://groups.yahoo.com/group/php-list
Yahoo! Groups Links
<*> To visit your group on the web, go to:
http://groups.yahoo.com/group/php-list/
<*> Your email settings:
Individual Email | Traditional
<*> To change settings online go to:
http://groups.yahoo.com/group/php-list/join
(Yahoo! ID required)
<*> To change settings via email:
mailto:[EMAIL PROTECTED]
mailto:[EMAIL PROTECTED]
<*> To unsubscribe from this group, send an email to:
[EMAIL PROTECTED]
<*> Your use of Yahoo! Groups is subject to:
http://docs.yahoo.com/info/terms/
