Session restrictions (all but one!)

richardbotw

I am new to this PHP lark, and anyway, I have a login system works fine, logs in, logs out, hurrah! I've also learnt how to restrict the access to pages within sessions using the following code...

<?php
session_start();
if(!session_is_registered("username"))
{
 header("Location: logon.php");
}
?>

However, I have one small problem. After adding the above code, users can still access the logins' parsing file passwordverify.php which looks like this...

<?php
session_start();
session_register("usertype");
session_register("username");
session_register("sessionident");

if(!session_is_registered("username"))
{
 header("Location: logon.php");
}
?>

Therefore I need to restrict this page, but how do I do it as this technique doesn't work. Help! Thank you.

tha_mink

You wrote

<?php
session_start();
session_register("usertype");
session_register("username");
session_register("sessionident");

if(!session_is_registered("username"))
{
 header("Location: logon.php");
}
?>

But why not...

<?php
session_start();
if(!session_is_registered("username"))
{
 header("Location: logon.php");
}
session_register("usertype");
session_register("username");
session_register("sessionident");


?>

richardbotw

Hi, I've tried this method however although its restricts users from accessing the passwordverfiy file, when users try to login here (user: Fabian24 pass: cheese) - they cannot log in!

Have a go....

Link