Page 2 of 2

Posted: Fri Nov 21, 2003 2:27 pm
by malcolmboston
ok guys i got it working

anyway i used a bit of code sami give me a while ago, but it needed a bit of editing

the reason it wasnt working is that it (i assume) needed to be right at the top of my PHP (coding line 1) also i wasnt aware of the whitespace rule so after i worked that out and messed with the actual structure of my php code (which is over 300+ lines on each page now! :oops: ) it worked, perfectly everytime, if anyone needs the code then ill post it

Thanks for your help

Posted: Fri Nov 21, 2003 2:34 pm
by malcolmboston
btw the user authenticication is handled by my own MySQL server which is passworded etc to grant only me access (obviously the site is automatically set-up to use my username to input, edit and delete behaviours, im also using sessions to keep a person logged in assoon as the sessio ends they cant go any further, i tried this out last night by logging into my site and deleting my session file, at this moment in time i was in the members area as soon as i clicked on a link it took me to my access denied script, so its working properly. i aint using cookies because well, at the moment my knowledge is awful on cookies to say the least.

I am fully aware that web-sites can never be 100% secure, but how at risk am i? by authenticicating a user in this way?

also all members pages, have a session checking functuion that requires you to have logged in before you can view it, so people cannot simply guess teh URL because they will be redirected to login.php