How to restrict acess to a page if typed in adressBar
Posted: Thu Apr 24, 2008 8:45 pm
Hi I'm a newbie,
My websites has privileges;
When your logged in, privilege=5 and the link "textArea" appears on every htmlPage;
When u click on textArea, you have access to my textArea page that does not exists if you're not logged in which means privilege=0 .
My problem is, I dont want anyone who hasnt logged in to have access to this particular page if privilege=0. example:
localhost/myWebsiteFolder/index.php?idChoice=textArea
-----------------this is my code now I really dont know if I'm on the right path
//define('ID_CHOICE',fct_SESSION('idChoice',"home")); which is in my variableInit.php file;
//this instruction is in another php file.
if (PRIVILEGE == 0)
{
$searchThis=array('idChoice'=> 'editeur');
if (array_key_exists('idChoice',$searchThis)){
echo "-------------------I'm trying to hijack you-------------";
$_SESSION['idChoice] = 'login';
}
$lienLogin = array('idChoice' => 'login');
echo fct_lien ( $lienLogin, 'login');
}else{
$lienLogin = array('idChoice' => 'logout');
echo fct_lien ( $lienLogin, 'logout');
}
please help !
Jakei
My websites has privileges;
When your logged in, privilege=5 and the link "textArea" appears on every htmlPage;
When u click on textArea, you have access to my textArea page that does not exists if you're not logged in which means privilege=0 .
My problem is, I dont want anyone who hasnt logged in to have access to this particular page if privilege=0. example:
localhost/myWebsiteFolder/index.php?idChoice=textArea
-----------------this is my code now I really dont know if I'm on the right path
//define('ID_CHOICE',fct_SESSION('idChoice',"home")); which is in my variableInit.php file;
//this instruction is in another php file.
if (PRIVILEGE == 0)
{
$searchThis=array('idChoice'=> 'editeur');
if (array_key_exists('idChoice',$searchThis)){
echo "-------------------I'm trying to hijack you-------------";
$_SESSION['idChoice] = 'login';
}
$lienLogin = array('idChoice' => 'login');
echo fct_lien ( $lienLogin, 'login');
}else{
$lienLogin = array('idChoice' => 'logout');
echo fct_lien ( $lienLogin, 'logout');
}
please help !
Jakei