[英]Prevent direct access to a webpage by typing the URL
So I'm hosting my website (let's call is abc.com ) on goDaddy. 因此,我在goDaddy上托管了我的网站(我们的电话为abc.com )。
I have a login page ( abc.com/login.html ). 我有一个登录页面( abc.com/login.html )。
Which takes me to a second page called booking ( abc.com/booking.html ) once the login credentials are verified. 验证登录凭据后,将转到第二个页面,称为预订( abc.com/booking.html )。
So I don't want people to be able to just type abc.com/booking.html and access it. 因此,我不希望人们能够输入abc.com/booking.html并进行访问。 I want them to go to abc.com/login.html and then go to abc.com/booking.html 我希望他们去abc.com/login.html ,然后去abc.com/booking.html
So I came across 2 ways to fix this - 所以我遇到了2种解决方法-
so your login screen should already have session code implemented into it that has a variable that specifies if the user is logged in or not. 因此您的登录屏幕上应该已经实现了会话代码,该会话代码具有一个变量,该变量指定用户是否登录。 If you don't have that implemented yet, the code would look similar to: 如果尚未实现,则代码将类似于:
<?php session_start();//at the very top of the page
?>
//... your own code
//if the user successfully logs in then:
$_SESSION['authenticated']=true;
Then on the booking.php page (it should be php to allow php scripts which is super important for validating if a user is logged in), you would then check if the user did log in. If he did, the rest of the page loads, if he didn't, you would redirect them to login.php: 然后在booking.php页面上(应该是允许使用php脚本的php,这对于验证用户是否登录非常重要),然后您将检查用户是否已登录。如果已登录,页面的其余部分加载,如果他没有加载,则将它们重定向到login.php:
at the very top of booking.php: 在booking.php的最上方:
<?php session_start();
if (!isset($_SESSION['authenticated']))
{
//if the value was not set, you redirect the user to your login page
header('Location https://www.example.com/login.php');
exit;
}
else
{
//if the user did login, then you load the page normally
}
eg. 例如。
if (!isset($_POST['auth'])) {
// redirect user back to login page
} else {
// successful login
}
You can do it like 你可以像
rename extensions of all pages where you want this authentification 重命名您要进行身份验证的所有页面的扩展名
eg 例如
login.html >> login.php
booking.html >> booking.php
booking-suceess.html >> booking-success.php
create one script namely auth.php with following code 使用以下代码创建一个脚本即auth.php
<?php
session_start();
if(!isset($_SESSION['username'])){
header("location:login.php");
}
?>
In login.php add session 在login.php中添加会话
$_SESSION['username'] = $_POST['username'];
Now you can add auth.php in any php page where you want login compulsory as follow : 现在,您可以在要强制登录的任何php页面中添加auth.php ,如下所示:
include ('auth.php');
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.