• Some users have recently had their accounts hijacked. It seems that the now defunct EVGA forums might have compromised your password there and seems many are using the same PW here. We would suggest you UPDATE YOUR PASSWORD and TURN ON 2FA for your account here to further secure it. None of the compromised accounts had 2FA turned on.
    Once you have enabled 2FA, your account will be updated soon to show a badge, letting other members know that you use 2FA to protect your account. This should be beneficial for everyone that uses FSFT.

PHP Prevention of Direct linking code

S

soulesschild

Supreme [H]ardness
Joined
Feb 18, 2007
Messages
6,176
Hey folks!

So I have this piece of code that works on my home.php page, but if I try to add this same code to any other page, it just keeps redirecting to the login page->home page. Any idea why? Is it because the home.php should also POST the userID like the index login page does?

Code: 
<?php

include('header.php');
//check to see if the user has logged in
if(isset($_POST['userID'])){
	// if it works display ID and allow access
	$userID = $_POST['userID'];
	echo "<strong>User ID: $userID</strong><br>";
	}
	else{
	// if not logged in redirect to login page
		header('Location: index.php');
	};


?>
 
You'll want to read up on the $_POST global var: http://php.net/manual/en/reserved.variables.post.php

You'll also want to check out the isset function: http://us.php.net/manual/en/function.isset.php

Generally speaking, you don't want be POSTing for every page refresh. If you have a session variable ( like userID seems to be ), you can either use the built in session support in php ( http://us.php.net/manual/en/book.session.php ) or roll your own with mysql and cookies ( http://us.php.net/manual/en/function.setcookie.php ).
 
You must log in or register to reply here.
Back
Top