Re: restrict access to multiple pages

From: Justin Patrin (papercrane_at_reversefold.com)
Date: 12/09/03 

To: php-general@lists.php.net
Date: Mon, 08 Dec 2003 17:11:50 -0800

Chris W. Parker wrote:

> Hey y'all.
>
> Ok so I am working on the admin sectin of the e-commerce app I'm writing
> and I'm hoping there's a better way to do what I am currently doing.
>
> In an effort to prevent circumvention of the login page I've placed a
> check at the beginning of each page that basically does the following:
>
> <?php
>
> if(loggedin())
> {
> // entire page of code goes here
> }
> else
> {
> // redirect back to login page
> }
>
> ?>
>
> By doing this people will not be able to just enter manually any URL
> they want and have the page load.
>
> As far as better ways go I was thinking that maybe I could employ
> .htaccess somehow? But then I think that might require having user
> accounts registered with the server instead of just using a db and I
> don't want to do that.
>
> I was thinking that maybe I could change it to this:
>
> <?php
>
> // define function stored in class file
> // (basic auth function, not at all what i'm using.
> // just an example.)
> function IsLoggedIn($input)
> {
> if(isset($input) && !empty($input))
> {
> return 1;
> }
> else
> {
> // redirect to login page
> }
> }
>
> IsLoggedIn($input);
>
> // entire page of code goes here
>
>
> ?>
>
> Any want to share their experiences and ideas?
>
>
> Thanks,
> Chris.
> --
> Don't like reformatting your Outlook replies? Now there's relief!
> http://home.in.tum.de/~jain/software/outlook-quotefix/

I tend to include the same file which does this for me at the beginning
of pages which must have authentication. Using a function as you
described (with automatic redirection to the login page) is how I would
do it.

You may also want to look into a the PEAR Auth package.
http://pear.php.net/package/Auth 

-- 
paperCrane <Justin Patrin>

Relevant Pages

  • Re: A History of Thailand by an angry Farang
    ... this bastard stickman's writing should be taken with a big ladel of sat. ... yes, k 037, profit must be tempered with responsibility. ... But Chris Moore is actually a fine writer, a true literary phenom, a deeply ... i have read practically all books of dicks and chris more, the latest of which he has ...
    (soc.culture.thai)
  • Re: To Many Errors!
    ... times but is being somewhat offset by the reduced debugging time. ... > of the problems searching the web, and there are MVP'S like Chris ... As long as Pocket PC application development is ... Writing an Application in No Time!!! ...
    (microsoft.public.dotnet.framework.compactframework)
  • Re: Dropped Mapped Connections....
    ... >>>login with using the exact same login and it never looses the mapped ... >> mapped resource, it was because I lost the actual network connection, ... >will appear but if from a command prompt I type "S" it will not find the ...
    (microsoft.public.windowsxp.general)
  • Re: To Many Errors!
    ... > of the problems searching the web, and there are MVP'S like Chris ... As long as Pocket PC application development is ... Writing an Application in No Time!!! ... > Yeas, we use this Pocket PC bullshit Every ...
    (microsoft.public.dotnet.framework.compactframework)
  • Re: To Many Errors!
    ... Chris Tacke, eMVP ... This higher ratio translates directly into longer development ... As long as Pocket PC application development is ... Writing an Application in No Time!!! ...
    (microsoft.public.dotnet.framework.compactframework)