yeah, i know this, but i'm just trying to get this to work before i add some security in there - passing sessions through etc to ensure they're logged in as admin etc. it doesn't really have to be that secure for what i want anyway, but probably a good job you pointed that out ;)
-----Original Message----- From: Fred [mailto:[EMAIL PROTECTED]] Sent: 04 January 2002 21:18 To: [EMAIL PROTECTED] Subject: [PHP-DB] Re: Redirecting to a new page Please note, that this is a very insecure way of determining which page a person gets to view. All they would have to do is enter the admin.php url in the browser and they get admin access even if they are not admins. Fred Matt Stewart <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Can't find the right instructions on php.net, basically, i want a page where > someone logs in, and then according to the database entry for them, either > they are an admin user or a normal user, and it should then send them to a > page depending on which they are. > I've accessed the db ok, and checked which they are, then i've used > > if ($myrow[Admin] == "Y"){ > print "Location:admin.php"; > }else{ > print "Location:user.php"; > ) > > this doesn't sem to work - just gives a blank screen with the standard html > headers and footers, rather than the desired location page. > > > --- > Outgoing mail is certified Virus Free. > Checked by AVG anti-virus system (http://www.grisoft.com). > Version: 6.0.312 / Virus Database: 173 - Release Date: 31/12/01 > -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.312 / Virus Database: 173 - Release Date: 31/12/01 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.312 / Virus Database: 173 - Release Date: 31/12/01 -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
