|
|
Posted by UKuser on 06/12/07 16:05
On 12 Jun, 16:42, UKuser <spiderc...@yahoo.co.uk> wrote:
> On 12 Jun, 16:17, "T. Wintershoven" <t...@wedevries.nl> wrote:
>
>
>
> > Hello all,
>
> > My website is built in HTML and PHP.
> > On it, there is a menu wich visitors can use to go to the pages.
> > Some pages are secured by PHP code to make sure that only people who are
> > logged in can access them.
> > But.....
> > If a visitor types the address (URL) to a certain secured page directly in
> > the addressbar of the browser, he/she can still access this page despite
> > he/she is not logged in at all.
>
> > Question:
> > Is there a way to avoid this problem and give a visitor, who accesses a page
> > without using the menu, a kind of warning and redirect to the homepage.
>
> > Thanks in advance.
>
> > Regards,
>
> > Tino Wintershoven
>
> Hi Tino,
>
> I put a code in the top of each page to check for the presence of a
> cookie I create when they login.
>
> If its not there I redirect them to the login page or give them an
> error.
>
> Hope that helps
>
> A
Be aware as well - sessions are fine if you're on a dedicated server
but on a shared server - sessions can be accessed by other scripts on
the same server unless the tmp folder is protected.
Navigation:
[Reply to this message]
|