ChompGator Posted April 4, 2008 Share Posted April 4, 2008 Hello there I have a login, that users fill in their username/password > then click submit and there is a handle form that checks the username/password in a database..If the username/password is right it sends them to the members area page, if the username/password is wrong it doesn't let them login. Problem Im having is - if I wanted to bypass the login - alls I really have to do is enter the URL to my members area in the address bar and hit `enter` and boom~ Just bypassed the login. My question is > I dont want users to be able to do that - (just enter the URL to the members area and they get in) Is there a code I can put at the top of each page in my members area that checks to see if they're logged in. Or what are everyones suggestions, for stopping users from just entering the URL to get into the members area? - Thanks Link to comment https://forums.phpfreaks.com/topic/99613-php-help-blocking-access/ Share on other sites More sharing options...
p2grace Posted April 4, 2008 Share Posted April 4, 2008 When they login assign a session variable, then on each page check if that session variable exists, if it doesn't redirect them to the login page. Link to comment https://forums.phpfreaks.com/topic/99613-php-help-blocking-access/#findComment-509593 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.