How to stop direct execution to my page

Collapse
This topic is closed.
X
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • upendrajpr@gmail.com
    #1

    How to stop direct execution to my page

    Dear frindes,
    I am new to php. in my 'php' code when someone
    login into my page he/she awail the necessary page rights, it's quite
    ok. but when it click on the page and someone direct copy & paste the
    url he also access the page without proper login.
    How it could be possible that someone access only after
    the login and not direct copy & paste the desired url.

    with session & without session.

    Thanx in advance.

    situ.

    Tags: None
    • Erwin Moller
      #2
      Re: How to stop direct execution to my page

      upendrajpr@gmai l.com wrote:
      Dear frindes,
      I am new to php. in my 'php' code when someone
      login into my page he/she awail the necessary page rights, it's quite
      ok. but when it click on the page and someone direct copy & paste the
      url he also access the page without proper login.
      How it could be possible that someone access only after
      the login and not direct copy & paste the desired url.
      >
      with session & without session.
      >
      Thanx in advance.
      >
      situ.
      >
      Hi,

      Answer: Sessions.

      loginpage posts to a check username/password page.
      On succes set a sessionvariable , eg:
      [stupid example]
      session_start() ;
      if (($_POST["username"] == "situ") && ($_POST["password"] == "secret")){
      $_SESSION["validUser"] = "Y";
      } else {
      header ("Location: loginpage.php") ;
      exit;
      }


      Then from every other page that requires a validated user:
      session_start() ;
      if ((isset($_SESSI ON["validUser"])) && ($_SESSION["validUser"] == "Y")){
      // OK
      } else {
      // NOT ok
      header ("Location: loginpage.php") ;
      exit;
      }

      Go to www.php.net to learn more about sessions.

      Regards,
      Erwin Moller

        Comment

        • upendrajpr@gmail.com
          #3
          Re: How to stop direct execution to my page

          On Sep 5, 2:23 pm, Erwin Moller
          <Since_humans_r ead_this_I_am_s pammed_too_m... @spamyourself.c omwrote:
          upendra...@gmai l.com wrote:
          Dear frindes,
          I am new to php. in my 'php' code when someone
          login into my page he/she awail the necessary page rights, it's quite
          ok. but when it click on the page and someone direct copy & paste the
          url he also access the page without proper login.
          How it could be possible that someone access only after
          the login and not direct copy & paste the desired url.
          >
          with session & without session.
          >
          Thanx in advance.
          >
          situ.
          >
          Hi,
          >
          Answer: Sessions.
          >
          loginpage posts to a check username/password page.
          On succes set a sessionvariable , eg:
          [stupid example]
          session_start() ;
          if (($_POST["username"] == "situ") && ($_POST["password"] == "secret")){
          $_SESSION["validUser"] = "Y";} else {
          >
          header ("Location: loginpage.php") ;
          exit;
          >
          }
          >
          Then from every other page that requires a validated user:
          session_start() ;
          if ((isset($_SESSI ON["validUser"])) && ($_SESSION["validUser"] == "Y")){
          // OK} else {
          >
          // NOT ok
          header ("Location: loginpage.php") ;
          exit;
          >
          }
          >
          Go towww.php.netto learn more about sessions.
          >
          Regards,
          Erwin Moller
          Thank you very much for quick reply I think this definately help me
          a lot.

          regards
          situ

            Comment

            Previous template Next
            Working...