Re: Header, Directory, and SESSIONs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



What don't you use a session var like $HTTP_SESSION_VARS['folder'] =
'folder1' or = 'folder2'. If the user switch the directories after the login
you verify if the $HTTP_SESSION_VARS['folder'] is good for any of the two
session, if not session_destroy() and go to the login page. You may do that
by creating a new file 'verifyFolder.php':

<?php
    session_start();
    if (isset($HTTP_SESSION_VARS['folder']) && $HTTP_SESSION_VARS['folder']
!= 'folder1' && $Username ...){
        session_destroy();
        header('Location:login.php')
    }
?>

and to any file in the folder add in the first line

<?php
require_once('verifyFolder.php');
?>

it's easiear this way to verify the rights in one file and include him to
all other. This way you are sure the session is starting and the code is
easiear to debug
-- 
-------------------------------------------------
Cristian MARIN - Developer
InterAKT Online (www.interakt.ro)
Tel:         +4021 312.53.12
Tel/Fax:  +4021 312.51.91
cristic@interakt.ro
"Nabil" <nabil.attar@aws-syria.com> wrote in message
20030621085529.49816.qmail@pb1.pair.com">news:20030621085529.49816.qmail@pb1.pair.com...
> Hi all, wish u all a good weekend..
> Guys I have a question as the following:
>
> 1- In my wwwroot I have two folders : folder1  and folder2 (actually I
have
> 14 folders)
> 2- In the same two folders there are same PHP files do the same job, as db
> jobs with different databases..
> 3- I log in the users by register a session, lab lab lab ... etc
> 4- the logging files in the two folders are different by registering a
> different session value.
> 4- I want if any user jumped to the other directory and logged in with the
> correct requested password TO HAVE THE FIRST SESSION UNREGISTERED
> automatically, so he can't be logged in in both at same time.. and keep
only
> the new.. and ofcourse have to re logging if he jumped back to the first
> one...
>  (the reason that every folder has different DB connection, and the
> interface of the two section are identical.. so I need to split it .to
avoid
> any problems with many users ....)
>
> 5- what I m trying to do is , if there is a possibility to control the
> header.. by if { /folder1 go } else { unregister session whatever}
> if {/ folder2 .............. } else {.........} etc
>
> 6- IS IT A GOOD WAY TO DO IT , OR NOT? of cource I need a security in the
> first place..
>
> I HOPE I WAS CLEAR, and thanks for your patient again...   :))
> (sorry because it might be shouldn't in db list)
> Regards
> Nabil
>
> ----------
> ""open source world, open mind for all""
>
>



-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [PHP Users]     [Postgresql Discussion]     [Kernel Newbies]     [Postgresql]     [Yosemite News]

  Powered by Linux