Jump to content

protection - no protection


Recommended Posts

Hi, I'm currently using an excellent php script to password my page but once 'in' the user can copy the url from the address bar and reuse it anytime (including sharing it) without logging in again. Surel this is nt right? How can I protect my page ensuring that every visit needs to login?

Link to post
Share on other sites

Use sessions. After a successful login, your login page should set a sessions variable, such as $_SESSION['userid']. Protected pages should check that the correct session variable is set. Do it before outputting any content. If the variable is not set, send a location header to redirect users to the login page (or take similar action).This is a pretty standard technique.

Edited by Deirdre's Dad
Link to post
Share on other sites
Use sessions. After a successful login, your login page should set a sessions variable, such as $_SESSION['userid']. Protected pages should check that the correct session variable is set. Do it before outputting any content. If the variable is not set, send a location header to redirect users to the login page (or take similar action).This is a pretty standard technique.
Thankyou for your response. I have to apologize. I am afraid I used an asp script not php. I need to ask this question elswhere.
Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...