[RESOLVED] Hiding File paths

adiwood

How do I ensure that a normal user wouldnt be able to type in say:

www.example.com/admin/adduser.php

and not be able to gain access e.g A message is displayed telling them they arent logged in and dont have access to this page.

Just need some pointers on how to get started on this.

Wynder

Each page in your site should being with start_session(). In your session data, have a variable that tracks whether they've been authenticated. Then...

if(!$_SESSION['Authed'])
{
echo "You don't belong here.";
exit;
}

adiwood wrote:
How do I ensure that a normal user wouldnt be able to type in say:

www.example.com/admin/adduser.php

and not be able to gain access e.g A message is displayed telling them they arent logged in and dont have access to this page.

Just need some pointers on how to get started on this.