6 replies to this topic

[techker]

hey guys i made a small AIO aplication for my buddy and i was wondering if i can link a page direct without the login?

cause i made a protected admin section and the AIO links to it.now i don't want to have to login all the time...

is there a way?i used sessions for the login.

the way i was thinking is that in the link has a code in the link that the login page can detect ?like i have a login check page.so i can link to the login check page intead of the login form?

Edited by techker, 19 April 2009 - 12:07 PM.

[Khaotic]

Sessions should be fine. If not, cookies are another way. If that doesn't work, check the privileges to the pages you trying to link to. Actually, the simplest way to do it is at the top of the pages(if they are php pages) is to add something like:

<?php if (isset($_COOKIE['loggedIn'])) { code_here; }

[Orjan]

Of course you could give a code to override login. It's just to add in code where you deny access when not logged in, to still allow if that code given is correctly set.

[techker]

what i did is that my login page goes to a check login.

so in that check login i set the mypassword and myusername to GET instead of post and renamed the page.

so my application links to that new page with the link

mylink.com?myusername-like&mypassword=me

[Khaotic]

If security is what you are trying to accomplish, then that is not the best way to do that. Why not just set a cookie to the root public_html dir and check for a cookie?

[techker]

how would i do that?

[Khaotic]

There a number of ways to do so.
the easiest is to just set a cookie like this: setcookie("name","logged in",$expireTime,"/");

Notice the last parameter. See how "/" is specified? Well that makes the cookie available in any path of the site you are on - the cookie is global.

On the pages you want to check for the cookie on, just add something like this at the VERY top, before any html. This step is VERY important since cookies are sent with the headers. Just add something like this: <?php ob_start(); if(!isset($_COOKIE['name'])) { do watever you want to do if they/you are not logged in } ?> Then the page contents can go here or whatever. Just look at php.net's page for more info on cookies.