gum1982 Posted November 14, 2009 Share Posted November 14, 2009 How can i make it impossible for someone to just put a url to my php page. i want to put some sort off protection on a file. I have got a file called survey.php in my site directory what method do i use to stop someone just being able to get to get to that page by typing www.example.com/survey.php in the address? I only want this page to be access after a form has been filled out. What method do i use to do this? thanks Link to comment https://forums.phpfreaks.com/topic/181519-hidden-page/ Share on other sites More sharing options...
ngreenwood6 Posted November 14, 2009 Share Posted November 14, 2009 well you can always do something like this: <?php if(!$_POST){ header("location:anotherpage.php"); } else { //display page here } ?> Link to comment https://forums.phpfreaks.com/topic/181519-hidden-page/#findComment-957523 Share on other sites More sharing options...
alpine Posted November 14, 2009 Share Posted November 14, 2009 Depending on what level of protection you want on it, something simple might do what you need - but its not bullet-proof on this level <?php if(!isset($_POST['formdata'])){ die("You cannot access this page without posting from form"); } if($_POST['formdata'] <> "some access value"){ die("Submitted data does not give access"); } // Page content continues here ?> Link to comment https://forums.phpfreaks.com/topic/181519-hidden-page/#findComment-957528 Share on other sites More sharing options...
stickynote427 Posted November 14, 2009 Share Posted November 14, 2009 I use this method for requiring a user name and password before a page is viewable. <?php //the correct user name and password $un="username"; $pw="password"; //if the form has not been submitted if (!isset($_POST['submitBtn'])) { ?> <form name="authForm" method="POST" action="<?=$_SERVER['PHP_SELF'];?>"> User name: <input type="text" name="username"><br> Password: <input type="password" name="password"><br> <input type="submit" value="Log In" name="submitBtn"> </form> <?php } else { //if the correct user name and password match the submitted user name and password if ($_POST['username']==$un && $_POST['password']==$pw) { ?> You entered the correct user name and password. Welcome to the hidden page! <?php exit; } //if the user name and password did both not match else { echo "You entered incorrect details. Please try again below.<br>"; } ?> <form name="authForm" method="POST" action="<?=$_SERVER['PHP_SELF'];?>"> User name: <input type="text" name="username"><br> Password: <input type="password" name="password"><br> <input type="submit" value="Log In" name="submitBtn"> </form> <?php } ?> Just wrote this from scratch and tested it; it should work fine. Tell me what you think. stickynote427 Link to comment https://forums.phpfreaks.com/topic/181519-hidden-page/#findComment-957529 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.