jkkenzie Posted February 21, 2008 Share Posted February 21, 2008 There is a page e.g admin.php in the same folder as the index.php(home page) , the reason for them being on same folder is so as to be accessed via internet for manipulating the database. My question is , anyone can access this admin.php page where it directs them to a login page, how can i prevent people from accessing this page? Quote Link to comment Share on other sites More sharing options...
jkkenzie Posted February 21, 2008 Author Share Posted February 21, 2008 Also, is there a sample login page linked to a database(mysql) around here and how best to do it?. Regards,Joseph Quote Link to comment Share on other sites More sharing options...
priti Posted February 21, 2008 Share Posted February 21, 2008 hi, can you explain what you meant by "the reason for them being on same folder is so as to be accessed via internet for manipulating the database" ..... i think if you create a single file for database connection then you can include that file anywhere in your web app. so ... i get confused what exactly your idea to keep these two file together. Regards Quote Link to comment Share on other sites More sharing options...
vbnullchar Posted February 21, 2008 Share Posted February 21, 2008 @pritii: think hes trying to prevent other people from accessing the admin.php page.. @jkkenzie: you can put a admin login in admin.php Quote Link to comment Share on other sites More sharing options...
jkkenzie Posted February 21, 2008 Author Share Posted February 21, 2008 Say my folder is in, C:/wamp/www/index.php and my admin page admin.php is in the same directory C:/wamp/www/admin.php and C:/wamp/www/AdminLOGIN.php . As you suggested, say Url would be http://www.buynairobi.com/index.php, if someone tries http://www.buynairobi.com/admin.php that would open isn't it? Regards, Joseph Quote Link to comment Share on other sites More sharing options...
smithmr8 Posted February 21, 2008 Share Posted February 21, 2008 Im assuming that you have some sort of user account on this. I would add to your user table an additional field, 'rank' or something and default it at 1. Say you choose to give admin the rank of 5. You just put an mysql query on your admin page. If the person's rank is 5, let them view it, else.. display a message. e.g if($user['rank'] == 5){ --SHOW PAGE-- } else { echo "Your not authorised to view this page!"; } Also, instead of having an additional page for admin login. You could just put have it linked to on the website, but the link only displays if the users rank is 5. e.g. if($user['rank'] == 5){ echo "<a href=\"admin.php\">Admin</a>"; } Quote Link to comment Share on other sites More sharing options...
Daniel0 Posted February 21, 2008 Share Posted February 21, 2008 How exactly do you want to restrict the access? Here is one way you can do it: <Location /admin.php> Order Allow, Deny Deny from All Allow from *your_ip_here* </Location> Quote Link to comment Share on other sites More sharing options...
jkkenzie Posted February 21, 2008 Author Share Posted February 21, 2008 danielo, am not able to understand the way you do it, but i have decided when the admin is opened, it calls the login page if no one is logged in. Thanks Joseph Quote Link to comment Share on other sites More sharing options...
priti Posted February 22, 2008 Share Posted February 22, 2008 @pritii: think hes trying to prevent other people from accessing the admin.php page.. @jkkenzie: you can put a admin login in admin.php @vbnullchar My intention to ask this is what may be the reason that index.php and admin.php has to be in same place ?? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.