|
|
Posted by Beauregard T. Shagnasty on 06/12/07 15:41
T. Wintershoven wrote:
> Hello all,
>
> My website is built in HTML and PHP. On it, there is a menu wich
> visitors can use to go to the pages. Some pages are secured by PHP
> code to make sure that only people who are logged in can access them.
> But..... If a visitor types the address (URL) to a certain secured
> page directly in the addressbar of the browser, he/she can still
> access this page despite he/she is not logged in at all.
>
> Question:
> Is there a way to avoid this problem and give a visitor, who accesses a page
> without using the menu, a kind of warning and redirect to the homepage.
Yes, you have to use a global or session variable at the start of each
of the pages. If it is false, redirect to the main page. Set it to true
on the login page.
$lauthorized = $_SESSION['gblauthorized'];
if ($lauthorized <> true ) {
header("Location: index.php");
exit;
}
You could also use "Y" or other key letter or phrase instead of true.
--
-bts
-Motorcycles defy gravity; cars just suck
Navigation:
[Reply to this message]
|