For my college assignment, we have been asked to create a fake MI6 website in which we have to create a user log in. So index.php is where the user logs in. And main.php is where the user will end up when the log in is succesful. I managed to do this with little problem.
However, if you type the location or main.php into the URL bar of the browser, the page is shown because there is no security checking on the actual page itself. Its only a simple project for college but I really dont want to hand in a website in which you can get into the site by typing in the location! I have searched google and have come up with nothing.
Currently, I have some code which makes sense in my head but obviously isnt working. When the log in script is run (LogCheck.php), if the username and password is correct, the following code is run:
Code: Select all
session_start();
$_SESSION["logged"] = true;
$_SESSION["username"] =$username;
$_SESSION["password"] =$password;
header("location:main.php");Code: Select all
<?php
session_start();
if($_SESSION["logged"] == false)
{
header('Location: index.php');
}
?>
<html>
...
</html>$SESSION["logged"] to be true. If it was true, the If statement should NOT be run and the html code beneath it should be run. This is not happening, when I enter the correct login details, the if statment is being ran anyway and taking me back to index.php. So this is where my lack of PHP comes in as I cant work out any alternatives! I've only be doing PHP for about a week properly.
Any help would be greatly appreciated and if I have missed anything out, I will put it here.
Thanks in advance. Chris.