> >Once they've been redirected, can they just bookmark the resulting page >and never have to log in again?
Actually, yes - after a couple hours of playing around with the login and finally getting the Meta tags to work for me, I found that if the person were to simply type in the URL of the protected page, they would have full access. Right now I'm playing with sessions and global sessions to try and correct this problem. Although its not working as well as I had hoped. Basically the plan is for all users to goto Page 1 - the login page, and then be re-directed to their proper destination - Page 2. But, if a clever bad person were to simply type in the URL to Page 2 they could have access to the database and run amuck. So I added a line checking to see if the session from Page 1 is registered, if not, goto Page 1. That part works - what doesn't work is after they login to Page 1, the redirect sends them to Page 2 and right back to Page 1 because the global session isn't staying registered. Since its 2am I'm quitting for the nite ... but maybe some friendly European people awake at this hour might have an idea on this one? Or even friendly caffeine addicts on the side of the pond :P Thanks -Tim -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
