how do you handle sessions in frames

rico_bano

Hi I hope someone can give me some advice.

Im creating a secure area for my website using frames. To check if a user is logged in im using

if(!isset($_SESSION['username'])){
//redirect to login page
}

My question is do i need to include that on all php pages that are linked to from my frameset or is there a better way of doing it.

Any advice would be greatly appreciated

cafrow

I personally do not like frames much. What I do is a simply put the include script at the top of a page that I want to make sure is secure, if they user has not logged in the page that I want to be secure will not execute and they will be redirected to the login page.

include 'security.php';

Security.php

if (!$_session['login'] == "true"){
header ("LOCATION: login.php");
exit();
}

that way you can always change your login system and not have to do it on 20 pages, just on the one, also it saves you from typing that all out everytime. I would recommend something like this.