On Monday 29 April 2002 10:11, Norman Zhang wrote:
> Hi,
>
> I want to set up a check that the page cannot be exacted by calling from
> another page. E.g., members.php can only be excited if it called by
> login.php.
>
> So I set
>
> if (eregi("members.php", $_SERVER['PHP_SELF'])) Header("Location,
> login.php");
>
> at the very top of members.php. But I am being redirected to login.php no
> matter if members.php was called from login.php. What's proper way of
> implementing this?
In your code, assuming your regex is correct it matches *all* the time, thus
no matter how you get to members.php, you'll be redirected to login.php.
And do you really only want to let people access members.php directly after
visting login.php? How about if they login, go to the members page then go
somewhere else on your site, then try to go back to the members page and they
can't!
I would suggest that you use a more robust mechanism, such as sessions, for
allowing/denying access to certain pages.
--
Jason Wong -> Gremlins Associates -> www.gremlins.com.hk
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *
/*
To generalize is to be an idiot.
-- William Blake
*/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
