SitePoint Sponsor

User Tag List

Results 1 to 9 of 9
  1. #1
    SitePoint Member Smellie's Avatar
    Join Date
    Jun 2003
    Location
    Wrexham
    Posts
    8
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Restrict Unauthorised Users to a page

    Hi all -

    I hope someone can help. I have put in php script to a page to get users to complete a login procedure but, how do you stop people from simply cutting and pasteing the URL and so bypassing the log in page? I have to be honest, PHP is not my strong point, and I have been going round and round in circles with this one for days and days.

    Hope someone can help, I am losing the will to live!!!!!

  2. #2
    SitePoint Wizard Rick's Avatar
    Join Date
    Oct 2002
    Location
    Lancashire, UK
    Posts
    3,847
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hey there Smellie...

    There are a number of ways to do what your talking about, but my favourite is the method that Kevin Yank discusses in his article Managing Users with PHP Sessions and MySQL Using the article you should be able to achieve exactly what you want.

    You can then easily protect each page using one line of php code, <?php include('accesscontrol.php'); ?>.

    Cheers
    ZOO
    Rick

  3. #3
    SitePoint Member Smellie's Avatar
    Join Date
    Jun 2003
    Location
    Wrexham
    Posts
    8
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Zoo - Thanks for the reply. Yes, you are right, Kevin Yank's method is by far the simplest I have come across since I started this whole thing! I am glad to say, that with the help of his article, it is all in place now.

  4. #4
    SitePoint Wizard Rick's Avatar
    Join Date
    Oct 2002
    Location
    Lancashire, UK
    Posts
    3,847
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Excellent, Glad you got it sorted
    Rick

  5. #5
    SitePoint Enthusiast
    Join Date
    May 2003
    Location
    Kampala Uganda
    Posts
    70
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Even this could work:
    PHP Code:
    if(isset($login)){//login determines if a variable has been passed to this page. 
        
    ...
        
    //process the users,passwords.
        
    ...
    } else {
        echo 
    "You have to login to access this page!";
        include (
    "login.php");//login page

    And we know that all things work together for good
    To them that love God, to them who are the called
    According to his purpose. Romans 8:28

  6. #6
    SitePoint Wizard Rick's Avatar
    Join Date
    Oct 2002
    Location
    Lancashire, UK
    Posts
    3,847
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    That's essentially what the script does at the moment, but all of that is kept in a file which just needs to be included in each page rather than having to put that code in everypage
    Rick

  7. #7
    SitePoint Addict Ghz's Avatar
    Join Date
    Jun 2002
    Posts
    284
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I'de rather use the cookies to restrict the access of the users to some pages. And by this way you can do alot of things too other than making the restrictions like playing someone's personal information and so on.
    Regards,

  8. #8
    Non-Member
    Join Date
    Jan 2003
    Posts
    5,748
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    To prevent someone going to another part of your website simply by typing in the url; use SESSIONs on all pages and check first their username and password against the database; if no match then re-direct to the log in page; works every time. Just remember those SESSIONs you need on all pages you want users to log in for.

  9. #9
    SitePoint Enthusiast
    Join Date
    May 2003
    Location
    Kampala Uganda
    Posts
    70
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Dr. Livingstone! you are right. i think that is a better of tracking users and protecting pages using the sessions.
    And we know that all things work together for good
    To them that love God, to them who are the called
    According to his purpose. Romans 8:28


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •