|
Click to See Complete Forum and Search --> : restrict page kproc 01-17-2007, 07:57 PM Hi I have a site where users login. The pages within the login area should only be viewable my logged in members. how stop logged in user from viewing these pages and prevent them from being indexed by google and other seach engines NightShift58 01-17-2007, 08:00 PM The easiest way would be to setup some kind of session control with $_SESSION variable from the moment that a user logs in to your site. Each page that you want to offer only to logged in members shoud check for the existence of the appropraite session variables. Goggle & Co. will never have a session variable set and they will not be able to access the pages. kproc 01-17-2007, 08:11 PM does something like this make sense <?php /* Check User Script */ session_start(); // Start Session include ('../Connections/db.php'); //validate if user logged in $user_id = $_SESSION['user_id']; $sql_validate_user = mysql_query("SELECT * FROM users WHERE user_id = '$user_id'"); $validate_user = mysql_num_rows($sql_validate_user); if(!$validate_user){ $msg .= '<div style="width:350px" id= "formmessage">'; $msg .= "You tryed to access a members only page. Please login or become a registered member to access that page!"; $msg .= '</div>'; header("Location: ../index.php"); exit(); } ?> NightShift58 01-17-2007, 08:20 PM File "login.php":<?php session_start(); // Start Session //do login form & procedure ... ... if ($valid_user) { $_SESSION['user_id'] = $user_id; } ?> File "restricted_page1.php":<?php include "session_check.php"; //continue with content... ?> File "restricted_page2.php":<?php include "session_check.php"; //continue with content... ?> File "session_check.php: <?php /* Check User Script */ session_start(); // Start Session //check if user is already logged in if (!isset($_SESSION['user_id']) OR $_SESSION['user_id'] <> ""); $msg .= '<div style="width:350px" id= "formmessage">'; $msg .= "You tryed to access a members only page. Please login or become a registered member to access that page!"; $msg .= '</div>'; header("Location: ../index.php"); exit(); } ?> You only really need to check if the user is already logged in. If you set $_SESSION['user_id'] when the user logs in properly, you don't need to keep checking against the database. webdeveloper.com
Copyright Internet.com Inc., All Rights Reserved. |
|