You can play with a $_SESSION var, ..
Imagine that you have the file a.php with ..
<?php
// Your code ....
session_start();
$_SESSION["lastFile"] = $_SERVER["SCRIPT_FILENAME"];
?>
And you want b.php that can only be executed after a.php:
<?php
session_start();
if($_SESSION["lastFile"]!="a.php") die("Access denied");
$_SESSION["lastFile"] = $_SERVER["SCRIPT_FILENAME"];
?>
And so ...
-----Mensaje original-----
De: Doug Wolfgram [mailto:[EMAIL PROTECTED]
Enviado el: martes, 26 de agosto de 2003 17:45
Para: [EMAIL PROTECTED]
Asunto: [PHP] Controlling Access
I have an application that consists of some 30 php modules. Each one links
to another, as you can imagine. How can I create a security mechanism that
only allows the modules in my system to be called from one-another? I do
nto want any of the modules to be called by typing them on the address bar.
Of course, sessions takes care of folks who have not logged into the
system, btu I don;t want registered users hacking around either.
I though of using HTTP_REFERER as a handshake restrictor, but it seems to
be unstable and unreliable. Any suggestions?
D
------------------------------------
'Marketing that Listens"
------------------------------------
Doug Wolfgram
CEO - GRAFX Group, Inc.
www.gfx.com
www.aimprojects.com
949.433.3641
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
