Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

security in accessing web pages?

Posted on 2002-04-01
9
Medium Priority
?
167 Views
Last Modified: 2012-05-04
hai,

Iam using html,php for web page development.
my db is mysql,server apache.
I have a user login page, which validates the user name & password,& later navigates to other pages.

but if I want to restrict the users directly access the second pages,(in case they know the url of second page)
what security measures I need to take & how.
can anyone suggest me.

thanks
manju
0
Comment
Question by:manju70
  • 3
  • 3
  • 2
  • +1
9 Comments
 
LVL 30

Expert Comment

by:third
ID: 6912210
im not an expert in php i usually use asp as a server-side script. in asp, i do it through session. i set a session after validating the user. then on each succeeding page, i check for the value of this session. if it doesn't exist i redirect him to the main page, if it does (meaning the user went the right process) then i'll display the page.

i've searched a little and found out session_id in php. its quite similar i guess so read about it. i'm hoping you're familiar with it too. gud luck!

http://www.php.net/manual/en/function.session-id.php

http://www.php.net/manual/en/ref.session.php
0
 
LVL 12

Expert Comment

by:lexxwern
ID: 6912664
well i would suggest you to write the html of the private pages thru the script every time the user logs in; i have no knowledge about php so im not sure if this can be done in that;

but writing dyhnamically is the idea;

lexxwern
and
Belated Happy Holi
0
 
LVL 12

Expert Comment

by:lexxwern
ID: 6912665
well i would suggest you to write the html of the private pages thru the script every time the user logs in; i have no knowledge about php so im not sure if this can be done in that;

but writing dyhnamically is the idea;

lexxwern
and
Happy Holi
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 12

Expert Comment

by:lexxwern
ID: 6912670
or perhaps the login script writes a file onto the server; and the page loads only if the file exists and on logout this file gets deleted;

lexxwern

PS. as you see there may be a number of solutions and you will have to decide which is the best for you;
0
 
LVL 18

Accepted Solution

by:
bruno earned 120 total points
ID: 6913073
I'll back up what third said.

I do the same thing in ASP, when the user logins in to my page, i set

===
session("strLogin") = true
===

then i check that on each page..

===
if session("strLogin") <> true then
   response.redirect = "login.asp"
end if
===

I hope you can translate that to PHP, it's pretty straightforward, but I don't know PHP either.


BRUNO



0
 
LVL 18

Expert Comment

by:bruno
ID: 6924690
manju70,

any reason for the B grade without a comment?


BRUNO
0
 
LVL 30

Expert Comment

by:third
ID: 6924866

and any reason why the backup answer was accepted??

0
 
LVL 18

Expert Comment

by:bruno
ID: 6925314
another good question...  :-)  sorry third.  
0
 
LVL 5

Expert Comment

by:Netminder
ID: 6927355
Grade changed.

third: points for you at http://www.experts-exchange.com/jsp/qShow.jsp?ta=html&qid=20286375

Netminder
CS Moderator
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Building a website can seem like a daunting task to the uninitiated but it really only requires knowledge of two basic languages: HTML and CSS.
The first step to building an amazing About page is to figure out what you want the page to say about your company. You then must grab the attention of the reader, boast a bit, tell a story and let others brag about you. With a little bit of thought…
The viewer will the learn the benefit of plain text editors and code an HTML5 based template for use in further tutorials.
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…

824 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question