Thanks for the information.
In the code you provided
----if ((!$passwd) || (!$username)) // user hasnt logged in
{
.....
Actually I have implemented this in a separate page.
That is upon sign up of the <form> in the index page
I call a new page auth.php
In that file
I have done this authentication and called the function
header ("Location: /main.php?empid=$empid&pwd=$pwd");
Actually when passing this URL the password appears in the address bar.
How to over come this? It will be very much usefull if I get the answer.
Thanks in advance
-Murugesan
----------------------------------------------------------------------------
----------------------------------------------------------------------------
-
Ok lets say you want every user to login before they can access other parts
of your site.
index.php:
<?
session_name("mysessionname");
session_start();
session_register("s_authed");
$s_authed = 0; // initialize session flag
if ((!$passwd) || (!$username)) // user hasnt logged in
{
// display login form
...
}
else
{
// retrieve database username and password here
...
// check if they match
if (($db_passwd == $passwd) && ($db_username == $username))
{
$s_authed = 1; // user has been authorised
// redirect to real page
echo "
<script>
window.location='main.php'
</script>";
}
}
?>
main.php:
<?
session_name("mysessionname");
session_start();
if (!$s_authed) // check access
{
// user hasnt been authorised, therefore redirect to login page
echo "
<script>
window.location='index.php'
</script>";
}
else
{
// display page
...
}
?>
if a user tries to access main.php directly without logging in they will be
redirected to index.php
checkout http://www.php.net/manual/en/ref.session.php for more information
>
>
> Thanks for the message.
> Can you please tell me how to do session authentication?.
>
> -murugesan
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
