In a revised scheme for a customer I'm doing # 3.
User can come into any page, a bit of PHP at the top does this:
starts session
registers "origin"
assigns PHP_SELF to $origin
checks to see if another session var is set and directs to logon page if not
if( !session_is_registered( "member_id" ) ) { header("Location:
logon.php\n")};
Where they are logged on and member_id is set. There's nothing magic
about member_id, it's simply a token and has no content. After
authentication the user is returned, via a header command, like so:
header("Location: $origin");
If authentication fails they loop on the logon page, which has links to
a registration and lost my password forms.
The neatest part of this is that any page can be protected from
unauthorized viewing merely adding a bout 6 lines of code at the top and
saving it with a php rather than html extension.
Regards - Miles Thompson
http://www.cqagroup.ca
At 12:47 PM 12/4/2001 -0500, Jim wrote:
>There are many different ways to do this ...
>
>1. Have the same PHP script that validates generate the login page. This
>way the script always has the correct data and you don't need to pass anything.
>
>2. Header("Location: login.php?err=$err&user=$user&pass=$pass");
>This will work, but the bad password will be visible in the query string.
>
>3. Start a session at the login page and register the variables you need
>to use on the login page.
>
>Jim
>
>
>
>
>>Hi,
>>
>>I wonder if someone could tell me whether or not the following is
>>possible?
>>
>>I have an HTML form which passes a username and password to a PHP script
>>for validation. If either is not valid, I would like it to return to the
>>previous page - carrying with it a variable plus the submitted form
>>information...
>>
>>=-=-=-=-=-=-=-=-=
>>if (strlen ($password1) <4 ) {
>> $err = "Password must be more than 4 characters long";
>> header("Location:http://somelocation.php";);
>> // ^-- at the location, the $err and form variables will be available
>>
>> exit;
>>}
>>=-=-=-=-=-=-=-=-=
>>
>>Is it possible to this without using an HTML form?
>>
>>Thanks very much in advance.
>>
>>- Best regards,
>>
>>Lee
>>
>>
>>--
>>PHP General Mailing List (http://www.php.net/)
>>To unsubscribe, e-mail: [EMAIL PROTECTED]
>>For additional commands, e-mail: [EMAIL PROTECTED]
>>To contact the list administrators, e-mail: [EMAIL PROTECTED]
>
>
>--
>Jim Musil
>---------
>Multimedia Programmer
>Nettmedia
>-------------
>212-629-0004
>[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
