RE: Re: Re: Secure pages

From: Chris <csmith(at)squiz(dot)net>
To: "Christian Marschalek" <cm(at)chello(dot)at>, "[PHP] PostgreSQL" <pgsql-php(at)postgresql(dot)org>
Subject: RE: Re: Re: Secure pages
Date: 2001-03-14 04:13:29
Message-ID: 4.3.2.7.2.20010314144332.00cd87e0@203.25.173.1
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-php

Hey,

> > As someone else suggested, have a check on each page for a
> > session variable
> > (which of course is set when they login).
> >
> > <?
> > if (!isset($sessionvariable) {
> > header("Location:login.php");
> > exit;
> > }
> > ?>
>
>will do.. what excatly are session variables?

check out http://www.php.net/manual/en/ref.session.php for session info..

> > This can be in an include file, as a function (just remember to globalise
> > variables! I always forget :P), that way it will get checked on all your
> > protected pages :)
>
>globalise? there are no global variables in php, are they?;)

With functions, you can either pass variables or reference variables
outside the function (for example, with a login function)... if they aren't
passed to the function & need to be referenced, they have to be a global
variable. Example below..

If you don't globalise the variable, then the form action will be nothing,
because the function doesn't know what it is or where to get it's value
from. Make sense?

function print_login_form () {
global $PHP_SELF;
?>
<form method="post" action="<? echo $PHP_SELF ?>">
Name
<input type="text" value="">
<br><br>
Password
<input type="password" value="">
<br><br>
<input type="submit" value="Log In">
</form>
<?
}

HTH

------------------------
Chris Smith
http://www.squiz.net

In response to

Browse pgsql-php by date

  From Date Subject
Next Message Andrew Hammond 2001-03-15 10:37:38 the "correct" way to login.
Previous Message Christian Marschalek 2001-03-14 01:40:43 RE: Re: Re: Secure pages