I am using session checking on each page to ensure the user had logged on. When they do the following code is executed:
[PHP]
function startSession($l g_name){
session_start() ;
$_SESSION['author'] = $lg_name;
}[/PHP]
at the start of each page the following code is then executed:
[PHP]
session_start() ;
if (!isset($_SESSI ON['author'])){
$result = "invalid";
}else{
$result = "valid";
//$_SESSION['position'] = $_SERVER['REQUEST_URI'];
}
return $result;
[/PHP]
The problem i have is that i can just enter the URL of a page in IE and it lets me in. I thought it might be because of the session_start being called, but the same happens without this. Any ideas?
[PHP]
function startSession($l g_name){
session_start() ;
$_SESSION['author'] = $lg_name;
}[/PHP]
at the start of each page the following code is then executed:
[PHP]
session_start() ;
if (!isset($_SESSI ON['author'])){
$result = "invalid";
}else{
$result = "valid";
//$_SESSION['position'] = $_SERVER['REQUEST_URI'];
}
return $result;
[/PHP]
The problem i have is that i can just enter the URL of a page in IE and it lets me in. I thought it might be because of the session_start being called, but the same happens without this. Any ideas?