I include this file on the top of all my scripts:
/admin/index.php is the script where i do the login
andrés
- Original Message -
From: "William Fong" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, February 12, 2002 2:52 PM
Subject: Re: [PHP-DB] Requ
This is at the top of every file requiring an authenticated user on one of
our sites:
and secure.php consists of this, all on one line, with no cr or lf at the end.
The user_logon.php script handles all details of processing the user:
reading their cookie and authenticating, prompting for us
ECTED]
- Original Message -
From: "Jonathan Underfoot" <[EMAIL PROTECTED]>
To: "jas" <[EMAIL PROTECTED]>
Cc: "[PHP-DB]" <[EMAIL PROTECTED]>
Sent: Tuesday, February 12, 2002 2:21 PM
Subject: Re: [PHP-DB] Required pages...
: Personally, I'
ED]>; <[EMAIL PROTECTED]>
Sent: Tuesday, February 12, 2002 5:18 PM
Subject: RE: [PHP-DB] Required pages...
> Verify that $HTTP_REFERER is the URL the user was supposed to come from.
> Somethig like (you may have to tweak it because I cannot test where I am
> now):
>
&g
Personally, I'm not quite sure what the best way to do it would be. (I
don't use sessions personally.) But I've noticed recently on certain "less
than scrupulous" websites that they're using javascript to track down the
user's last page (to make sure they voted.) You'd have to track down the
jav
Verify that $HTTP_REFERER is the URL the user was supposed to come from.
Somethig like (you may have to tweak it because I cannot test where I am
now):
if( strcmp($HTTP_REFERER,"www.mydomain.com/login.html") )
{
header("Location: http://www.mydomain.com/login.html";);
exit;
}
--
