hi Vinny, On 7/13/05, Vinny Lape <[EMAIL PROTECTED]> wrote: > If user validates then look at db entry location then redirect to > mydomain.com/"location"/index.php
i don't think it's a good idea. what if the user bookmarked or took down a notice with the URL to your "secured" page (mydomain.com/location/index.php)? then he would just type the url heading directly for the bypassing your login page! i think u might want to put the user authorization code in your index php or even better put it in a file and require() that file at the top of of any page u want to protect. you can either use sessions or plain HTTP authentication (which is not a very good idea). -ahmed -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
