PHP Login: Protecting Page Use phpSecureSite



PHP Login System Tutorial: In this post, we try to protect our pages when client go direct at that pages. Before valid login, they shouldn't go at that pages. For this job, we will create a file that will be loaded in every secret pages.

Create a file named "global.php", Enter following codes:

 <?
 require ("./phpsecuresite/phpss/phpss.php");

 function authwrapper(){
 	$status = phpss_validate();
 	
 	switch($status){
		case "phpss_validate_allow":
		break;
		
		case "phpss_validate_acl_deny":
		exit("You don't have access right");
		break;
		
		case "phpss_validate_nosession":
		exit("Login, Please");
		break;
		
		case "phpss_validate_hijack_fail":
		exit("Whats going on your IP?");
		break;
		
		case "phpss_validate_ipaccess_deny":
		exit("Your IP blocked");
		break;
		
		case "phpss_validate_timeout_fail":
		exit("You session is time out. Relogin, please.");
		break;
		
		default:
		exit("Sorry!");
		
	
	}
}
 ?>
Open secretpages.php file. Enter following code at first line: 
<?
require "./global.php";
authwrapper();
?>

when user go secretpages.php directly, he will get like this:

message where no session at phpsecuresite

Series this article:
PHP Login: Creating Login System Use PhpSecureSite (Introduction)
PHP Login: Installation of phpSecureSite
PHP Login: Configuration of phpSecureSite
PHP Login: Create Example Administrator at phpSecureSite
PHP Login:Creating Login Form Use phpSecureSite
PHP Login: Protecting Page Use phpSecureSite
PHP Login: Creating Logout from phpSecureSite


Tag: login, security, phpsecuresite Category: PHP Security, PHP Classes Post : January 09th 2008 Read: 3,162 Bookmark and Share

blog comments powered by Disqus