|
Posted by Drazen Gemic on 09/15/05 00:14
On Wed, 14 Sep 2005 13:00:10 -0700, vaudr wrote:
Maybe you should provide a login form for authorized users.
Authorized users should have her/his name checked against database,
and if correct, she/he should be allowed to enter administration part
of the site.
Ordinary users could get access level 0, and authorized should get access
level 1, for example. Access code could be stored in HTTP session (PHP
$_SESSION array)
Each and every page in the administration page sholud have access level check code
at the beggining. If the access level is not sufficient, user should be
redirected to the error page.
DG
[Back to original message]
|