I'm making a website script for the Garment. So I already added login page and it is working perfectly. But the problem is anyone can just type any .php page name and can access those pages. I need to avoid that problem. So i need to know how to add session expiration for those pages. It will avoid my problem. If anyone need to access my website, they have to login through login page. Because session will blocking for the unauthorized access. Pleases anyone can give some advice to avoid my problem.
-
-
Add to the top of exery page
put this where login is successfulPHP Code:session_start();
Add this to the pages that you want to protectPHP Code:$_SESSION["user"] = "username"; ///<-can be any values
to log out usersPHP Code:if(isset($_SESSION["user"]))
{
///logged in
}
else
{
////not logged in
}
PHP Code:session_destroy();
Mobile chat, iphone chat, android chat, chat, rooms http://www.aiochat.com -
Thank You Friend. But i already added cookies for my website.Originally posted by kevk3v View PostComment
-
If its sql based use something like this:
See also: http://coding-talk.com/f60/protectin...514/#post98932PHP Code:function users() {
$username = !empty($_SESSION['username']) ? safe_query_function($_SESSION['username']) : null;
$password = !empty($_SESSION['password']) ? safe_query_function($_SESSION['password']) : null;
if (isset($username, $password)) {
$query = mysql_query('SELECT * FROM `users` WHERE `username` = "'.$username.'" AND `password` = "'.$password.'" LIMIT 1');
return (bool) (mysql_num_rows($query) > 0);
} else {
return false;
}
}
if (users()) {
// in the bussines
}
And post the codes in the matter, its so much easier to help ppl.
<!DOCTYPE html PUBLIC "-//WAPFORUM.RSComment
Comment