Peace! Your welcome... Glad I was a blessing to you in this matter... GOD BLESS! On Fri, 17 Dec 2004 07:33:39 -0000, Jason <jason@xxxxxxxxxx> wrote: > > > THANK YOU SO MUCH, you did not give me the code I needed but you did > get me on the right road to solving the problem....... > ----------- > <?php > session_start(); > if(($_SERVER["HTTP_REFERER"]=="http://www.tossaround.com/index.php";) > XOR ($_SERVER["HTTP_REFERER"]=="http://www.tossaround.com/index.php? > specialurl=my_account.php")){ > if($_SESSION["LOGIN"]==false){ > $redirect=true; > $delay=5; > $goto="sign_in.php"; > include("includes/header.php"); > echo("Sorry but you must be logged in first"); > }else{ > include("includes/header.php"); > echo("Welcome"); > }; > include("includes/footer.php"); > }else{ > die("<script>window.location=\"index.php\"</script>"); > }; > ------------ > This prevents users from directly accessing the file unless they call > the fill from the two URL which requires them to be within the index > page.....ROCK ON!!!! > > Thank you so much for your help. > > --- In php-objects@xxxxxxxxxxxxxxx, Andrew John Young > <andrewjohnyoung@xxxx> wrote: > > Peace! > > > > Hi Jason, > > > > let me get this straight... okay you have a home page with an IFRAME > > right? the home page is index.php and you initialized a > session_start > > ( ) and I'm assuming you wrote a cookie . > > > > okay if I'm still right, on the content pages you initialized a > > session_start() and checked for the existence of this cookie and if > > this cookie is not available your sent back to the home page right? > > > > ok, since the home page starts the session you can then directly > write > > the content page's url and access it directly. You don't want this > to > > happen.... > > > > well, this is quite sticky since you don't employ a login > procedure... > > at least with the login procedure you can initially destroy all > cookie > > sessions first via session_unset() and session_destroy() then delay > > writting the cookie session after the user has logged in. > > > > But you can check for referring pages, I think... have you tried > using > > $_SERVER["HTTP_REFERER"] > > > > if the referring page is'nt index.php then you can kick them back to > > the index page... anyway, experiment with it... and try downloading > > the PHP chm manual... it really helps especially the extended > version. > > > > > > GOD BLESS! > > On Thu, 16 Dec 2004 13:06:36 -0000, Jason <jason@xxxx> wrote: > > > > > > > > > OK what I am trying to do is block users from accessing a page > > > directly. > > > > > > I want them to only be able to view the page via the IFRAME and > not > > > type in the URL and go to it directly. > > > > > > I have a session started on all pages and if the index.php doesnt > > > start the session varible you can not access the page...it returns > > > them to the index.php. Problem is, once the index.php has > run...you > > > can then type the url in directly and go to the page. > > > > > > Is there a way to stop this??? > > > > > > If you need more details just ask.... > > > > > > > > > PHP Data object relational mapping generator - http://www.meta- > language.net/ > > > Yahoo! Groups Links > > > > > > > > > > > > > > > > > > > > > -- > > Engr. Andrew John P. Young > > IT Consultant/RH Technician > > sn# 609003172208054 > > "With God Everything IS POSSIBLE" > > > PHP Data object relational mapping generator - http://www.meta-language.net/ > Yahoo! Groups Links > > > > > -- Engr. Andrew John P. Young IT Consultant/RH Technician sn# 609003172208054 "With God Everything IS POSSIBLE" ------------------------ Yahoo! Groups Sponsor --------------------~--> Make a clean sweep of pop-up ads. Yahoo! Companion Toolbar. Now with Pop-Up Blocker. Get it for free! http://us.click.yahoo.com/L5YrjA/eSIIAA/yQLSAA/saFolB/TM --------------------------------------------------------------------~-> PHP Data object relational mapping generator - http://www.meta-language.net/ Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/php-objects/ <*> To unsubscribe from this group, send an email to: php-objects-unsubscribe@xxxxxxxxxxxxxxx <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
