Hi there. I'm new to php and would like some insight on securing a website.
Upon successful login to my site (checks against database for username and
password) I assign a session variable called '$islogged' to 'yes'. On all
other pages throughout my site I use the following code to determine if this
variable is set, and if not redirect them to the login page.
if($islogged = = "no"){
header("Location:index.php");
}
elseif(EMPTY($islogged))
{
header("Location:index.php");
}
This seems to work, however, if I close out my browser and say type in
main.php (this page has the above code) in the address bar I can still
access the page. How can I fix this? Is there something else I could be
doing to improve the functionality?
Any insights would greatly be appreciated.
Cheers Joe:)
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
