edwind Posted May 26, 2011 Share Posted May 26, 2011 Hi, I'm currently using an excellent php script to password my page but once 'in' the user can copy the url from the address bar and reuse it anytime (including sharing it) without logging in again. Surel this is nt right? How can I protect my page ensuring that every visit needs to login? Link to comment Share on other sites More sharing options...
ProblemHelpPlease Posted May 26, 2011 Share Posted May 26, 2011 Can you post the php script, its hard to help without seeing it. Does the script make use of cookies? Link to comment Share on other sites More sharing options...
jeffman Posted May 26, 2011 Share Posted May 26, 2011 Use sessions. After a successful login, your login page should set a sessions variable, such as $_SESSION['userid']. Protected pages should check that the correct session variable is set. Do it before outputting any content. If the variable is not set, send a location header to redirect users to the login page (or take similar action).This is a pretty standard technique. Link to comment Share on other sites More sharing options...
edwind Posted May 27, 2011 Author Share Posted May 27, 2011 Use sessions. After a successful login, your login page should set a sessions variable, such as $_SESSION['userid']. Protected pages should check that the correct session variable is set. Do it before outputting any content. If the variable is not set, send a location header to redirect users to the login page (or take similar action).This is a pretty standard technique.Thankyou for your response. I have to apologize. I am afraid I used an asp script not php. I need to ask this question elswhere. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.