Securing members pages and the logout?

This topic is locked

Securing members pages and the logout?	6/21/2006 7:05:27 AM
PHPRunner General questions
B bmak author Hello, Do you have any tutorials/information on how I secure pages in, say, a membership area from people who are not logged in but may know the direct url path to a members page? How do i create a 'logout' link in my pages? Thanks for your help with this. Regards bmak

Mark as Solved Mark as not solved

9 replies


	Alexey admin 6/21/2006
	Hi, put this code to the beginning of your page to secure it: if(!@$_SESSION["UserID"]) { $_SESSION["MyURL"]=$_SERVER["SCRIPT_NAME"]."?".$_SERVER["QUERY_STRING"]; header("Location: login.php?message=expired"); return; } Here is the code for logout link: <a href="login.php?a=logout">Log out</a>


B	bmak author 6/21/2006
	Hi, put this code to the beginning of your page to secure it: Here is the code for logout link: Hello and thanks for the help. One question. The reason I had asked about the logout function was because I thought it had to clear a session or somesuch (sorry for the vagueness - I'm not a php programmer and that's why I am trying your software). Regards bmak


	Alexey admin 6/21/2006
	sure, login.php clears session when you pass it a=logout parameter.


B	bmak author 6/21/2006
	Hello, Thanks again for the code. Can you help with the syntax please? Does your code for securing the pages go inside PHP braces, or is it placed in the body somewhere? Thanks bmak


B	bmak author 6/22/2006
	Hello Alexa, Sorry to bug you, but could you advise on my last question regarding the syntax of this code please?


	Alexey admin 6/22/2006
	Hi, this is PHP code: if(!@$_SESSION["UserID"]) { $_SESSION["MyURL"]=$_SERVER["SCRIPT_NAME"]."?".$_SERVER["QUERY_STRING"]; header("Location: login.php?message=expired"); return; } Sure, it should be placed inside PHP braces.


B	bmak author 6/22/2006
	Hi, this is PHP code: Sure, it should be placed inside PHP braces. Hello Alexa, I must be doing something wrong with this. I installed the code on a page that should only be accessible to a logged-in user. I then logged in as a valid user and was taken to the page protected by the code (this is the page that the login goes to once a suceessful login has been achieved. Unfortunately it automatically returns me to the login page. Any idea what I am doing wrong? bmak


	Alexey admin 6/22/2006
	Try to put a call to session_start() function to the beginning of your file. I.e. use this code: session_start(); if(!@$_SESSION["UserID"]) { $_SESSION["MyURL"]=$_SERVER["SCRIPT_NAME"]."?".$_SERVER["QUERY_STRING"]; header("Location: login.php?message=expired"); return; }


B	bmak author 6/23/2006
	Hi Alexa, Yep, that seems to have done it. Thanks for your help. bmak

9 replies

Mark as Solved Reply