php - Prevent opening page without login -
i have created webpage (lets call root main.php) , decided put login on top of (file index.php). login works fine, problem this. if type address of page (main.php) directly in browser, opened. there way prevent opening page unless go through login?
in case relevant, login code:
<!doctype html> <html > <head> <meta charset="utf-8"> <title>login</title> <link rel="stylesheet" href="/css/style.css"> </head> <body> <div class="login_container"> <div id="login-form"> <h3>login</h3> <fieldset> <form action="checklogin.php" method="post"> <input name="username" type="text" required placeholder="username"> <input name="password" type="password" required placeholder="*******"> <input type="submit" value="login"> </form> </fieldset> </div> </div> </body> </html>
and directs :
<?php ob_start(); // define $username , $password $username=$_post['username']; $password=$_post['password']; $username = stripslashes($username); $password = stripslashes($password); $username = pg_escape_string($username); $password = pg_escape_string($password); if($username == "username" && $password == "password"){ $_session['username']="username"; $_session['password']="password"; header("location:main.php"); } else header("location:index.php"); ob_end_flush(); ?>
you need check, on every request requires login, user logged in , authorized.
a way of looking @ seeing request url part of input program. cookies , get/post parameters input.
main.php
either return page data or request login.
Comments
Post a Comment