i have 2 forms... i can pass all my information over from the 1st form to another... but i do not want anyone to go into the 2nd form without login first. i'm using sessions to pass my information. anyone have any idea how i can make my forms secure? thanks!
Sessions should be secure - nobody should be able to inject arbitrary values into a session.
Cookies you could use also, but you'd need to put a value in that nobody can guess correctly, because users can put arbritary values in.
Mark
even though so, i can still type the url of my second form and the page will appear... that's what i would like to prevent... users have to login before being able to access the 2nd page... if users try to enter the 2nd form by typing the url, they'll be redirected back to the login page... any idea how i should go about solving this?
<?php if ($_SESSION['isLoggedIn']) { // boolean include 'form2.php'; } else { include 'nologin.php'; }
