typing the address

Anon

I have one login page. if people entry the correct username and password, they will jump into the 'correct' page. However, without enter username and password, they stil can go to that page by typing the address of that page. how to make they can't do that

Anon

you can always check for a cookie, that you set on the login page.

Anon

Another way to do this without cookies is to create a standard security function at the top of all your pages. The security function automatically checks to see if the user has the correct credentials. The downside to this system is that you have to create hidden fields on each of your pages that will transfer the credentials to the next page.

If you can possibly use a session or cookies I would go that route because my way forces you to put a form on EVERY page with your navigation buttons on it to take the user from place to place. The only reason to do this would be if you needed to support browser clients who could not use sessions or cookies.

Kablarg (M7_B5)