I have written a script that validates a username/pwd input and if usr/pwd is correct, includes the protected page, or if usr/pwd is wrong, input page reloads the form onto itself with a form submit. all of the code is correct, except that the secured page is viewable from the internet if i explicitly enter the url. I have set the secured page's permissions to 700 and the input page to 755. even though my permissions disallow outside access, why can you get to the secured page?
any help or thoughts is appreciated -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
