FAQTs - Knowledge Base - View Entry - How do I block direct access

Faqts : Computers : Programming : Languages : PHP

+ Search

phpbuilder.com, PHP: overview: directory: Google, Online Backup Guide, Thoughts.com, webmaster resources, webmaster forum, FAQTs, Web Hosting, Web Hosting Blog, Mobile Games 4 Fun, Reverse Cell Phone Lookup, Wordpress Themes, Moving Companies, Pods, Budget Van Lines, Moving and Storage,

Entry

How do I block direct access

Jan 27th, 2003 22:14
noel darlow, Thomas Anderson,

I have a page, A.php that make the authentification and get you to 
B.php?code=13 if your password was ok.  Now my problem is if 
someone type directly in the url B.php?code=13 it 
works....what I want (for sevurity matter) is that you cannot access 
the page B without first giving your password to A.  How can I do that?
----------------------------------------------------------------
Here's something I use which checks the query string (ie the text typed 
in the browser - see php manual):
function accessCheck () {
    $qr = $_SERVER['QUERY_STRING'];
    $qr = substr($qr, 0, 14);
    IF ($qr != "page=admin_1") {
        $badaccess = 1;
        return $badaccess;
    } ELSE {
        $badaccess = 0;
        return $badaccess;
    }
}
I only want people to access functions in this file when substr
($header, 0, 14) == page=admin_1 (adjust the substr() arguments as 
appropriate). I run at the start of each function in the (admin) file 
and block access with a "return" step if someone got here with the 
wrong query string.
At least I hope that's what it does .. still learning lol.
McGruff