[thelist] Bypassing a login
Scott Brady
evolt at scottbrady.net
Tue Jan 28 08:59:01 CST 2003
From: Rob Whitener <rwhitener at DesignOptions.com>
> Is there anyway to prevent people from just typing in a URL to
> get around the login. They wouldn't be able to see any
> information, but I will have a mailing list that I wouldn't
> want anyone monkeying with.
If the login is processed so that it sets a session variable/cookie when they've logged in, any page which should be only be accessible by logged-in users should check for that session variable/cookie. If it doesn't exist or show them as logged in, then redirect them to the login screen
Scott Brady
More information about the thelist
mailing list