gum1982 Posted November 14, 2009 Share Posted November 14, 2009 How can i make it impossible for someone to just put a url to my php page. i want to put some sort off protection on a file. I have got a file called survey.php in my site directory what method do i use to stop someone just being able to get to get to that page by typing www.example.com/survey.php in the address? I only want this page to be access after a form has been filled out. What method do i use to do this? thanks Quote Link to comment Share on other sites More sharing options...
ngreenwood6 Posted November 14, 2009 Share Posted November 14, 2009 well you can always do something like this: <?php if(!$_POST){ header("location:anotherpage.php"); } else { //display page here } ?> Quote Link to comment Share on other sites More sharing options...
alpine Posted November 14, 2009 Share Posted November 14, 2009 Depending on what level of protection you want on it, something simple might do what you need - but its not bullet-proof on this level <?php if(!isset($_POST['formdata'])){ die("You cannot access this page without posting from form"); } if($_POST['formdata'] <> "some access value"){ die("Submitted data does not give access"); } // Page content continues here ?> Quote Link to comment Share on other sites More sharing options...
stickynote427 Posted November 14, 2009 Share Posted November 14, 2009 I use this method for requiring a user name and password before a page is viewable. <?php //the correct user name and password $un="username"; $pw="password"; //if the form has not been submitted if (!isset($_POST['submitBtn'])) { ?> <form name="authForm" method="POST" action="<?=$_SERVER['PHP_SELF'];?>"> User name: <input type="text" name="username"><br> Password: <input type="password" name="password"><br> <input type="submit" value="Log In" name="submitBtn"> </form> <?php } else { //if the correct user name and password match the submitted user name and password if ($_POST['username']==$un && $_POST['password']==$pw) { ?> You entered the correct user name and password. Welcome to the hidden page! <?php exit; } //if the user name and password did both not match else { echo "You entered incorrect details. Please try again below.<br>"; } ?> <form name="authForm" method="POST" action="<?=$_SERVER['PHP_SELF'];?>"> User name: <input type="text" name="username"><br> Password: <input type="password" name="password"><br> <input type="submit" value="Log In" name="submitBtn"> </form> <?php } ?> Just wrote this from scratch and tested it; it should work fine. Tell me what you think. stickynote427 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.