Hi all
I am building a small website with an area where members must log in, the problem is that if you enter the URL of a membership area page in your browser, you get access to this page even if you are not a member or not logged in. Is there a way of preventing this?
Thank you
security issue
Moderator: General Moderators
Re: security issue
Read about sessions.
On a successful login, set a session variable like $_SESSION['logged']=1;
On logout, unset it.
On the membership page, check if it's 1, if not redirect to the login page and call exit();
On a successful login, set a session variable like $_SESSION['logged']=1;
On logout, unset it.
On the membership page, check if it's 1, if not redirect to the login page and call exit();