Solved

security in accessing web pages?

Posted on 2002-04-01
9
158 Views
Last Modified: 2012-05-04
hai,

Iam using html,php for web page development.
my db is mysql,server apache.
I have a user login page, which validates the user name & password,& later navigates to other pages.

but if I want to restrict the users directly access the second pages,(in case they know the url of second page)
what security measures I need to take & how.
can anyone suggest me.

thanks
manju
0
Comment
Question by:manju70
  • 3
  • 3
  • 2
  • +1
9 Comments
 
LVL 30

Expert Comment

by:third
ID: 6912210
im not an expert in php i usually use asp as a server-side script. in asp, i do it through session. i set a session after validating the user. then on each succeeding page, i check for the value of this session. if it doesn't exist i redirect him to the main page, if it does (meaning the user went the right process) then i'll display the page.

i've searched a little and found out session_id in php. its quite similar i guess so read about it. i'm hoping you're familiar with it too. gud luck!

http://www.php.net/manual/en/function.session-id.php

http://www.php.net/manual/en/ref.session.php
0
 
LVL 12

Expert Comment

by:lexxwern
ID: 6912664
well i would suggest you to write the html of the private pages thru the script every time the user logs in; i have no knowledge about php so im not sure if this can be done in that;

but writing dyhnamically is the idea;

lexxwern
and
Belated Happy Holi
0
 
LVL 12

Expert Comment

by:lexxwern
ID: 6912665
well i would suggest you to write the html of the private pages thru the script every time the user logs in; i have no knowledge about php so im not sure if this can be done in that;

but writing dyhnamically is the idea;

lexxwern
and
Happy Holi
0
 
LVL 12

Expert Comment

by:lexxwern
ID: 6912670
or perhaps the login script writes a file onto the server; and the page loads only if the file exists and on logout this file gets deleted;

lexxwern

PS. as you see there may be a number of solutions and you will have to decide which is the best for you;
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 18

Accepted Solution

by:
bruno earned 30 total points
ID: 6913073
I'll back up what third said.

I do the same thing in ASP, when the user logins in to my page, i set

===
session("strLogin") = true
===

then i check that on each page..

===
if session("strLogin") <> true then
   response.redirect = "login.asp"
end if
===

I hope you can translate that to PHP, it's pretty straightforward, but I don't know PHP either.


BRUNO



0
 
LVL 18

Expert Comment

by:bruno
ID: 6924690
manju70,

any reason for the B grade without a comment?


BRUNO
0
 
LVL 30

Expert Comment

by:third
ID: 6924866

and any reason why the backup answer was accepted??

0
 
LVL 18

Expert Comment

by:bruno
ID: 6925314
another good question...  :-)  sorry third.  
0
 
LVL 5

Expert Comment

by:Netminder
ID: 6927355
Grade changed.

third: points for you at http://www.experts-exchange.com/jsp/qShow.jsp?ta=html&qid=20286375

Netminder
CS Moderator
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article demonstrates how to create a simple responsive confirmation dialog with Ok and Cancel buttons using HTML, CSS, jQuery and Promises
Finding original email is quite difficult due to their duplicates. From this article, you will come to know why multiple duplicates of same emails appear and how to delete duplicate emails from Outlook securely and instantly while vital emails remai…
In this tutorial viewers will learn how add a scalable full-width header using CSS3. Create a new HTML document with an internal stylesheet. Set a tiled background.:  Create a new div and name it Header. Position it with position:absolute at the top…
In this tutorial viewers will learn how to code links for mobile sites that, once clicked, send a call or text to a specified number. For a telephone link (once clicked, calls a number), begin with a normal "<a href=" link tag. For the href, specify…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now