you could make them log in once per session and just have every page check
and see if they already have logged in and if they have not then trigger the
login mechanism.
Not sure exactly how to implement but I've read on the practice before.
-Bryan
- Original Message -
From: [EMAIL
I had a similar problem, but I can't promise that my solution is the best
way to go about it. After the user was validated, I set a cookie. I then had
all subsequent pages start with an if statement that checked for the cookie.
If there was no cookie, they were sent back to the entry point.
I have set up a section of my company site for use by authorized dealers
only. I am currently using
mysql authorization, which works for the first page, but if someone were
to
type in the url of an
underlying page they would be able to get in without authorization. I know
I could use
To: 'PHP DB'
Subject: RE: [PHP-DB] advise needed for 'authorized only' site
I had a similar problem, but I can't promise that my solution is the best
way to go about it. After the user was validated, I set a cookie. I then had
all subsequent pages start with an if statement that checked for the cookie
At the top of every page ...
? session_start();session_register( origin );$origin=$PHP_SELF; if(
$HTTP_SERVER_VARS[ PHP_AUTH_USER ] !=lancelot $HTTP_SERVER_VARS[
PHP_AUTH_PW ] !=grail ) { if( !session_is_registered( member_id ) ) {
header(Location: user_logon2.php\n); } }?
The lancelot and
you could make them log in once per session and just have
every page check and see if they already have logged in and
if they have not then trigger the login mechanism.
This is what I do. I have a file/function called verify that I call at
the top of every page that I want secure (and
PROTECTED]
To: 'Bryan McLemore' [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Monday, September 23, 2002 4:06 PM
Subject: RE: [PHP-DB] advise needed for 'authorized only' site
you could make them log in once per session and just have
every page check and see if they already have logged
