If I have a website, and on every page there is a condition... something like that:
Code: Select all
if (isset($_SESSION["nickname"]) and isset($_SESSION["pass"])) {
echo "<html>
... the page....
";
} else {
echo "access denied!";
exit;
}
<?php
Code: Select all
session_start();
$_SESSION['nickname'] = "whatever";
$_SESSION['nickname'] = "whatever";
?>the script will deny him?
if no, please, what should I make to somehow protect my script....
I guess i need on every page to ask the database if there is such a session with "nickname" with such a "pass", yes?
The Ninja Space Goat - I edited your post to display the proper code bbcode tags for syntax highlighting
thx