Sorry for dumb newbie question

[derekm]

I've been given the task of putting a website up for my department. Unfortunately our organizations IT division does not have MySQL installed on the server and the prospect of it looks dim. :(

Being [b]very[/b] new to PHP, I find myself in a quandry.

I have a form, to update my department heads message on the main page, that is an include based on a users cookie. However, I need to make sure that no one stumbles across this form and updates it unless they are authorized. Does PHP provide a way to detect the exact referring page? Would this be poor security due to, my understanding, some servers not reporting the referring page?

I've thought about splitting the form so the submit button is not in the include file but it looks like garbage when I do that.

Any help for a newbie would be greatly appreciated. Thanks.

[GingerRobot]

Could you not include a password in the php file and have that as one of the inputs on the form?

[cmgmyr]

I guess if you really wanted to, you can make a flat file database to store some user data like level. if level = 1 (admin) then you can see the form.

-Chris

[derekm]

Thanks for the responses. I think I wil probably try the password as part of the form while I research how to do flat file database layout.

Thanks again.

[trq]

There is also the option of sqlite, much quicker than mysql in many situations.

[hostfreak]

Why not use sessions, and user levels? The if the session is a certain user level it will show it etc.

[pixy]

^ Agreed, use sessions. They're more secure and easy to use.