Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

security in accessing web pages?

Posted on 2002-04-01
9
Medium Priority
?
166 Views
Last Modified: 2012-05-04
hai,

Iam using html,php for web page development.
my db is mysql,server apache.
I have a user login page, which validates the user name & password,& later navigates to other pages.

but if I want to restrict the users directly access the second pages,(in case they know the url of second page)
what security measures I need to take & how.
can anyone suggest me.

thanks
manju
0
Comment
Question by:manju70
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
  • +1
9 Comments
 
LVL 30

Expert Comment

by:third
ID: 6912210
im not an expert in php i usually use asp as a server-side script. in asp, i do it through session. i set a session after validating the user. then on each succeeding page, i check for the value of this session. if it doesn't exist i redirect him to the main page, if it does (meaning the user went the right process) then i'll display the page.

i've searched a little and found out session_id in php. its quite similar i guess so read about it. i'm hoping you're familiar with it too. gud luck!

http://www.php.net/manual/en/function.session-id.php

http://www.php.net/manual/en/ref.session.php
0
 
LVL 12

Expert Comment

by:lexxwern
ID: 6912664
well i would suggest you to write the html of the private pages thru the script every time the user logs in; i have no knowledge about php so im not sure if this can be done in that;

but writing dyhnamically is the idea;

lexxwern
and
Belated Happy Holi
0
 
LVL 12

Expert Comment

by:lexxwern
ID: 6912665
well i would suggest you to write the html of the private pages thru the script every time the user logs in; i have no knowledge about php so im not sure if this can be done in that;

but writing dyhnamically is the idea;

lexxwern
and
Happy Holi
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
LVL 12

Expert Comment

by:lexxwern
ID: 6912670
or perhaps the login script writes a file onto the server; and the page loads only if the file exists and on logout this file gets deleted;

lexxwern

PS. as you see there may be a number of solutions and you will have to decide which is the best for you;
0
 
LVL 18

Accepted Solution

by:
bruno earned 120 total points
ID: 6913073
I'll back up what third said.

I do the same thing in ASP, when the user logins in to my page, i set

===
session("strLogin") = true
===

then i check that on each page..

===
if session("strLogin") <> true then
   response.redirect = "login.asp"
end if
===

I hope you can translate that to PHP, it's pretty straightforward, but I don't know PHP either.


BRUNO



0
 
LVL 18

Expert Comment

by:bruno
ID: 6924690
manju70,

any reason for the B grade without a comment?


BRUNO
0
 
LVL 30

Expert Comment

by:third
ID: 6924866

and any reason why the backup answer was accepted??

0
 
LVL 18

Expert Comment

by:bruno
ID: 6925314
another good question...  :-)  sorry third.  
0
 
LVL 5

Expert Comment

by:Netminder
ID: 6927355
Grade changed.

third: points for you at http://www.experts-exchange.com/jsp/qShow.jsp?ta=html&qid=20286375

Netminder
CS Moderator
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article demonstrates how to create a simple responsive confirmation dialog with Ok and Cancel buttons using HTML, CSS, jQuery and Promises
Find out what you should include to make the best professional email signature for your organization.
HTML5 has deprecated a few of the older ways of showing media as well as offering up a new way to create games and animations. Audio, video, and canvas are just a few of the adjustments made between XHTML and HTML5. As we learned in our last micr…
The viewer will learn the basics of jQuery including how to code hide show and toggles. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery…

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question