not if the include file ends with a .php -- since it is in <? ?>, anybody
acessing the file from a web browser would not be able to see it.
Michael Fork - CCNA - MCP - A+
Network Support - Toledo Internet Access - Toledo Ohio
On Tue, 13 Mar 2001, David Olbersen wrote:
> On Tue, 13 Mar 2001, Michael Fork wrote:
>
> ->The easiest way in PHP that I have found is to create a file called
> ->validate.php containing the following:
> ->
> -><?
> -> if ($HTTP_COOKIE_VARS["MyCookie"] != 'Some Value') {
> -> header("Location: http://my.company.com/login";);
> -> }
> ->?>
> ->
> ->and, after the user has logged in, set a cookie. Then, for each page that
> ->should be for a logged-in user only, just include the validate.php file.
>
> Boy that's not very secure...I could find your included file, see what 'Some
> Value' is, and then just make my own cookie!
>
> -- Dave
>
>
---------------------------(end of broadcast)---------------------------
TIP 1: subscribe and unsubscribe commands go to majordomo@xxxxxxxxxxxxxx
