Darkness Posted July 2, 2007 Share Posted July 2, 2007 Hello,How would you protect a page from being accessed unless you authorize them? Such as, if they try to go to /login.php. If they try to access that page without first filling out the form on /login.html, give them an error. I've heard of something called mod_rewrite, however, I use a free host, so I don't have server access, so I can't, I think. Using Sessions wouldn't be the best way either.Thanks! Link to comment Share on other sites More sharing options...
justsomeguy Posted July 2, 2007 Share Posted July 2, 2007 Using sessions is the best way. Set the username in the session when they login and check the session on every other page. If it's empty or you can't find the user in the database, then you redirect them back to the login page. You could also store a username and encrypted password in a cookie. You would need to save the encrypted password because if you just have the username someone could create a fake cookie. You don't need to do that with the session because a user can't control what is in the session. Link to comment Share on other sites More sharing options...
Darkness Posted July 2, 2007 Author Share Posted July 2, 2007 I see. I think I know what I could try now, using the information you gave me. Thank you. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.