Honestly if you have the users logging in use a session variable to contain a session id
then verify against that sessionid as they browse the sensitive sections and use a class to verify that they are a valid user so yes Ideally sessions are the way to go Chris ----- Original Message ----- From: "Seth Willits" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, August 29, 2003 3:24 PM Subject: [PHP] Approaches to Logging In > I'm currently working on a portion of a website for my high school's > band (though I'm now in college) and one of the sections contains > contact information for all of the students which should only be > accessible if you have are a member of band staff and have a password. > > In order to access the "band staff" section, you are required to enter > in a username and password and from there you can visit any of the > pages in the band staff section. So it's fairly straight forward, login > view the pages, type of system. > > My question is, how should I go about determining whether the user has > logged in or not? Are sessions overkill or difficult to use? Or is > there another easier solution? This doesn't have to be maximum security > or handle a variety of approaches to the pages, I'm just looking for a > simple, "unless you're logged in, you can't see this page." > > Are sessions the way to go? > > > > Seth Willits > ------------------------------------------------------------------------ > --- > President and Head Developer of Freak Software - http://www.freaksw.com > Q&A Columnist for REALbasic Developer Magazine - > http://www.rbdeveloper.com > Webmaster for REALbasic Game Central - http://www.freaksw.com/rbgames > > "One day you'll be wandering through the darkness looking for guidance, > inspiration, and your purpose in life, and the next you'll turn around > and realize they've been standing right next to you the whole time." > -- Seth Willits > ------------------------------------------------------------------------ > --- > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
