Jump to content

securing a page


Reaper0167

Recommended Posts

The IP bit is failure. For ISP's like mine, the IP's regularly change. - Or if you move house, the IP is likely to be different.

This means the user cannot access that page because the IP has been changed.

What I'd usually do is a Hash key.

Consists of.. the sessions created. Example:

sha1(user ID + secret key)

Secret key is usually a random string put in the config file. Eg: 2402892SDA929QDW

You'd then put the hash, in a session..

 

You would then check if the hash, is equivalent to the above.

eg:

if(sha1($_SESSION['id'] . $secret_key) == $_SESSION['hash']) { Allow Access }

 

If you want to display a page only to certain users.. You can simply do

$id = 1; - For the user of id 1

then replace $_SESSION['id'] with $id.

 

Pretty secure to me :)

Link to comment
https://forums.phpfreaks.com/topic/198203-securing-a-page/#findComment-1039973
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.