Hey y'all.
Ok so I am working on the admin sectin of the e-commerce app I'm writing
and I'm hoping there's a better way to do what I am currently doing.
In an effort to prevent circumvention of the login page I've placed a check at the beginning of each page that basically does the following:
<?php
if(loggedin()) { // entire page of code goes here } else { // redirect back to login page }
?>
That's essentially what I do too... except I've got all this stored in a restricted.inc file which I just include() where needed.
I think you can minimise your code though, by checking (in my case) for an invalid uid or a uid without admin clearance
(redirect and exit), otherwise just show the page:
---
<?php
if(!$_SESSION['uid'] || !$_SESSION['admin'])
{
header("Location: login.php");
exit;
}
?>
the rest of your page here
---
Cheers,
Justin
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
