Pervasive login methods such as the one you've devised are the best way to
have a password protected region on your website. However it will only work
on pages that are parsed by PHP. In order to protect plain text or HTML
files they will have to be stored outside of your public directory and
either included() or fopened() into the PHP script that has authenticated
the user.
-Kevin
----- Original Message -----
From: "Pushpinder Singh Garcha" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, January 31, 2003 3:09 PM
Subject: [PHP] Help Needed
> Hello All:
>
> I am using PHP and MySQL in my application. I need to be able to allow
> ONLY authorized users access to some pages in the site. For this I am
> creating a session variable ''$valid_user", after the user has
> successfully authenticated himself with the Database. The pages that
> need to be protected are all HTML files. So far everything, works fine.
> I am wondering how to finally deploy the logic on all the pages that
> need to be protected.
>
> Here is my point of view.
>
> 1). Change all the names of the protected documents to .php
> 2). Use the following script:
>
>
> <? session_start(); ?>
>
> if (session_is_registered($valid_user)) {
>
> // show the original page
>
> PLEASE TELL me a way to display the same page
>
> }
>
>
> elseif (!session_is_registered($valid_user)) {
>
> // display an error message to the user asking him to login before he
> can see this page
>
> }
>
> many thanks
> --Pushpinder Singh
>
>
> Pushpinder Singh Garcha
> _________________________________
> Web Architect
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
