[thelist] Bypassing a login

Scott Brady evolt at scottbrady.net
Tue Jan 28 08:59:01 CST 2003


From: Rob Whitener <rwhitener at DesignOptions.com>
> Is there anyway to prevent people from just typing in a URL to
> get around the login. They wouldn't be able to see any
> information, but I will have a mailing list that I wouldn't
> want anyone monkeying with.

If the login is processed so that it sets a session variable/cookie when they've logged in, any page which should be only be accessible by logged-in users should check for that session variable/cookie. If it doesn't exist or show them as logged in, then redirect them to the login screen

Scott Brady




More information about the thelist mailing list