Andrew R Posted September 9, 2008 Share Posted September 9, 2008 I am using the following code in my index.php to paginate my site…. if (!isset($_GET["page"])) { header("Location: ?page=home"); } else { $include = "$_GET .php"; } The variable $include is then placed somewhere else in index.php to include home.php or whatever $_GET["page"] equals (contact.php, users.php etc). Further on in the index script I have the user area protection script. (Below) if ($_GET["page"] == 'users') { USER SCRIPT HERE, VAILDATES THE USER, CHECKS IF THEY ARE LOGGED IN ETC } The problem I am having is there's nothing to stop somebody typing in users.php and having access to the users area, bypassing the index.php file which includes the validation for the users area. How could I protect users.php to stop people from doing this? Many thanks Link to comment https://forums.phpfreaks.com/topic/123521-pagination-and-user-area-problems/ Share on other sites More sharing options...
BlueSkyIS Posted September 9, 2008 Share Posted September 9, 2008 use sessions. when the user logs in, set sessions variables and check those variables on each page where that user should (or shouldn't) be allowed. Link to comment https://forums.phpfreaks.com/topic/123521-pagination-and-user-area-problems/#findComment-637891 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.