Pete..... wrote:
The 2 scripts I made is actually working the way they where meant to. So im kindda happy :)

The problem is, that I didnt think about the problem: as Steve wrote:
"There are other matters of concern, however, the most pressing of which is: How am I going to stop user from navigating directly to page1?"
Maybee I can find some premade feature, that prevents users to go to page1 without logging in. Any ideas as to where I can find some information about this.


Nice that you all take time to help a newbie, so thanks to the helpfull people :)

May the spirit of Python be with you. That's mostly the way people like to behave around these parts.

Essentially the problem is that in order to avoid open access to the site, every page access must somehow cause the web server or the application code to verify that the user has already authenticated.

This is usually done by

a) having the server issue a unique cookie for each browser session, so it can determine which user is associated with each request, and

b) maintaining a state for each session, which records (probably among other things) whether or not the user is currently logged in.

PHP has one easy-to-use mechanism for this whereas Python appears to have about thirty-five different ways to achieve it, of varying degrees of difficulty. The trickiest thing is that unless the server/application framework takes care of it for you (as happens, for example, with Webware) then each page has to be generated dynamically, and must include code to verify the user's authenticity.

If you are determined to stick with Python then try Googling for "Python web session state". That will give you a better appreciation of the problem, and point up a few possible solutions.

regards
 Steve

--
http://mail.python.org/mailman/listinfo/python-list

Reply via email to