Hey y'all.
Ok so I am working on the admin sectin of the e-commerce app I'm writing
and I'm hoping there's a better way to do what I am currently doing.
In an effort to prevent circumvention of the login page I've placed a
check at the beginning of each page that basically does the following:
<?php
if(loggedin())
{
// entire page of code goes here
}
else
{
// redirect back to login page
}
?>
By doing this people will not be able to just enter manually any URL
they want and have the page load.
As far as better ways go I was thinking that maybe I could employ
.htaccess somehow? But then I think that might require having user
accounts registered with the server instead of just using a db and I
don't want to do that.
I was thinking that maybe I could change it to this:
<?php
// define function stored in class file
// (basic auth function, not at all what i'm using.
// just an example.)
function IsLoggedIn($input)
{
if(isset($input) && !empty($input))
{
return 1;
}
else
{
// redirect to login page
}
}
IsLoggedIn($input);
// entire page of code goes here
?>
Any want to share their experiences and ideas?
Thanks,
Chris.
--
Don't like reformatting your Outlook replies? Now there's relief!
http://home.in.tum.de/~jain/software/outlook-quotefix/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
