Solved

security in accessing web pages?

Posted on 2002-04-01
9
162 Views
Last Modified: 2012-05-04
hai,

Iam using html,php for web page development.
my db is mysql,server apache.
I have a user login page, which validates the user name & password,& later navigates to other pages.

but if I want to restrict the users directly access the second pages,(in case they know the url of second page)
what security measures I need to take & how.
can anyone suggest me.

thanks
manju
0
Comment
Question by:manju70
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
  • +1
9 Comments
 
LVL 30

Expert Comment

by:third
ID: 6912210
im not an expert in php i usually use asp as a server-side script. in asp, i do it through session. i set a session after validating the user. then on each succeeding page, i check for the value of this session. if it doesn't exist i redirect him to the main page, if it does (meaning the user went the right process) then i'll display the page.

i've searched a little and found out session_id in php. its quite similar i guess so read about it. i'm hoping you're familiar with it too. gud luck!

http://www.php.net/manual/en/function.session-id.php

http://www.php.net/manual/en/ref.session.php
0
 
LVL 12

Expert Comment

by:lexxwern
ID: 6912664
well i would suggest you to write the html of the private pages thru the script every time the user logs in; i have no knowledge about php so im not sure if this can be done in that;

but writing dyhnamically is the idea;

lexxwern
and
Belated Happy Holi
0
 
LVL 12

Expert Comment

by:lexxwern
ID: 6912665
well i would suggest you to write the html of the private pages thru the script every time the user logs in; i have no knowledge about php so im not sure if this can be done in that;

but writing dyhnamically is the idea;

lexxwern
and
Happy Holi
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 12

Expert Comment

by:lexxwern
ID: 6912670
or perhaps the login script writes a file onto the server; and the page loads only if the file exists and on logout this file gets deleted;

lexxwern

PS. as you see there may be a number of solutions and you will have to decide which is the best for you;
0
 
LVL 18

Accepted Solution

by:
bruno earned 30 total points
ID: 6913073
I'll back up what third said.

I do the same thing in ASP, when the user logins in to my page, i set

===
session("strLogin") = true
===

then i check that on each page..

===
if session("strLogin") <> true then
   response.redirect = "login.asp"
end if
===

I hope you can translate that to PHP, it's pretty straightforward, but I don't know PHP either.


BRUNO



0
 
LVL 18

Expert Comment

by:bruno
ID: 6924690
manju70,

any reason for the B grade without a comment?


BRUNO
0
 
LVL 30

Expert Comment

by:third
ID: 6924866

and any reason why the backup answer was accepted??

0
 
LVL 18

Expert Comment

by:bruno
ID: 6925314
another good question...  :-)  sorry third.  
0
 
LVL 5

Expert Comment

by:Netminder
ID: 6927355
Grade changed.

third: points for you at http://www.experts-exchange.com/jsp/qShow.jsp?ta=html&qid=20286375

Netminder
CS Moderator
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Things That Drive Us Nuts Have you noticed the use of the reCaptcha feature at EE and other web sites?  It wants you to read and retype something that looks like this. Insanity!  It's not EE's fault - that's just the way reCaptcha works.  But it i…
Finding original email is quite difficult due to their duplicates. From this article, you will come to know why multiple duplicates of same emails appear and how to delete duplicate emails from Outlook securely and instantly while vital emails remai…
In this Micro Tutorial viewers will learn how to create navigation buttons that change on rollover, using CSS (Continuation of the CSS Image Sprite tutorial) Create a parent ID for all the list items       - Specify position: absolute and display: block…
Learn how to create flexible layouts using relative units in CSS.  New relative units added in CSS3 include vw(viewports width), vh(viewports height), vmin(minimum of viewports height and width), and vmax (maximum of viewports height and width).

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question