Skip site navigation (1) Skip section navigation (2)

RE: Re: Re: Secure pages

From: Chris <csmith(at)squiz(dot)net>
To: "Christian Marschalek" <cm(at)chello(dot)at>, "[PHP] PostgreSQL" <pgsql-php(at)postgresql(dot)org>
Subject: RE: Re: Re: Secure pages
Date: 2001-03-14 04:13:29
Message-ID: 4.3.2.7.2.20010314144332.00cd87e0@203.25.173.1 (view raw or flat)
Thread:
Lists: pgsql-php
Hey,

> > As someone else suggested, have a check on each page for a
> > session variable
> > (which of course is set when they login).
> >
> > <?
> >          if (!isset($sessionvariable) {
> >            header("Location:login.php");
> >            exit;
> >          }
> > ?>
>
>will do.. what excatly are session variables?

check out http://www.php.net/manual/en/ref.session.php for session info..

> > This can be in an include file, as a function (just remember to globalise
> > variables! I always forget :P), that way it will get checked on all your
> > protected pages :)
>
>globalise? there are no global variables in php, are they?;)

With functions, you can either pass variables or reference variables 
outside the function (for example, with a login function)... if they aren't 
passed to the function & need to be referenced, they have to be a global 
variable. Example below..

If you don't globalise the variable, then the form action will be nothing, 
because the function doesn't know what it is or where to get it's value 
from. Make sense?

function print_login_form () {
         global $PHP_SELF;
?>
<form method="post" action="<? echo $PHP_SELF ?>">
         Name
         <input type="text" value="">
         <br><br>
         Password
         <input type="password" value="">
         <br><br>
         <input type="submit" value="Log In">
</form>
<?
}

HTH

------------------------
Chris Smith
http://www.squiz.net


In response to

pgsql-php by date

Next:From: Andrew HammondDate: 2001-03-15 10:37:38
Subject: the "correct" way to login.
Previous:From: Christian MarschalekDate: 2001-03-14 01:40:43
Subject: RE: Re: Re: Secure pages

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group