chadrt Posted January 18, 2009 Share Posted January 18, 2009 I am building a dispatch system for a roadside assistance company from scratch. It is interesting as I have never had a project this big before and my knowledge of php is sub-beginner. I am doing ok so far but I have a page that authenticates users after a login form sets a cookie. This form calls other pages into it using include($page.".php") but those pages can be called individually and I want them to be rendered useless unless they are called from within the main page. Thank you for your help. Quote Link to comment Share on other sites More sharing options...
elgoog Posted January 18, 2009 Share Posted January 18, 2009 in your include file put this at the top <?php if ($fileaccess != "allow") { exit('No direct access allowed'); } ?> then you will not be able to direct access. Then in your index put $fileaccess = "allow"; include($page.".php") Quote Link to comment Share on other sites More sharing options...
chadrt Posted January 18, 2009 Author Share Posted January 18, 2009 So simple and so perfect! Thank you so much... Quote Link to comment Share on other sites More sharing options...
chadrt Posted January 18, 2009 Author Share Posted January 18, 2009 Ok quick question what I do something like this? <?php if ($fileaccess9 != "allowRR783") { header("Location: index.php"); } ?> Because the index is a redirect to the login page which also check for cookie existence and will redirect them to the dispatch system main page if it exists, isnt expired and the user has not been suspended in the system. If I do this is this fail safe? Or is there some level of security I should be aware of doing it this way? Thanks again for your help... Quote Link to comment Share on other sites More sharing options...
elgoog Posted January 18, 2009 Share Posted January 18, 2009 <?php if ($fileaccess9 != "allowRR783") { header("Location: index.php"); exit(); } ?> You should also exit too. I beleive the header location is browser based and can be bypassed Quote Link to comment Share on other sites More sharing options...
chadrt Posted January 18, 2009 Author Share Posted January 18, 2009 Thank you again!! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.