Miller" <[EMAIL PROTECTED]>
To: "'Bryan McLemore'" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Monday, September 23, 2002 4:06 PM
Subject: RE: [PHP-DB] advise needed for 'authorized only' site
> > you could make them log in once p
> you could make them log in once per session and just have
> every page check and see if they already have logged in and
> if they have not then trigger the login mechanism.
>
This is what I do. I have a file/function called verify that I call at
the top of every page that I want secure (and
At the top of every page ...
The "lancelot" and "grail" were used only so that ht:dig could index the
site, so they can be chopped out. The "member_id" flag was set in
user_logon2.php.
User_logon2.php was a little more complex. The goal was to allow only one
user in from one browser on one
: 'PHP DB'
Subject: RE: [PHP-DB] advise needed for 'authorized only' site
I had a similar problem, but I can't promise that my solution is the best
way to go about it. After the user was validated, I set a cookie. I then had
all subsequent pages start with an if statement th
> I have set up a section of my company site for use by authorized dealers
> only. I am currently using
> mysql authorization, which works for the first page, but if someone were
to
> type in the url of an
> underlying page they would be able to get in without authorization. I know
> I could use .
I had a similar problem, but I can't promise that my solution is the best
way to go about it. After the user was validated, I set a cookie. I then had
all subsequent pages start with an if statement that checked for the cookie.
If there was no cookie, they were sent back to the entry point. Anothe
you could make them log in once per session and just have every page check
and see if they already have logged in and if they have not then trigger the
login mechanism.
Not sure exactly how to implement but I've read on the practice before.
-Bryan
- Original Message -
From: <[EMAIL PROT