HI Guys,

I got another problem...

I want to make my online site more secure. I can't understand how we can make the site more secure?

My Problem is:

Whenever I sign in with some ID and than sign out, I can easily go to the same secure page without any restriction. Can anybody help me soon....

Tnank you
Gurung




mekh dev gurung

__________________
MD Gurung

Hey, Gurung,

I had the same problem here.

I don't know what method you are using, but this is how I resolved the problem: I used sessions.

You might want to put the username in $_SESSION['username'] and the password in $_SESSION['password']. This is what I ended up doing. The great thing about sessions is the $_SESSION variable is editable, so to log out, just use unset($_SESSION['username']); and the same with the password.

Remember that pages that use sessions must have session_start(); at the beginning of the page.

HTH,

----------
---Snib---
----------

How do you authenticate users when they "log in"? What prevents them from seeing restricted pages without logging in?

The same mechanism you use to protect these pages should work the same regardless whether:
 1) a user hasn't logged in, or
 2) a user logs in and logs out.


Take care,

Nik
http://www.bigaction.org/

I should add that if you're using sessions to store authentication data, simply destroy the session variables or modify the session such that the user is not logged in.


Take care,

Nik
http://www.bigaction.org/

Hi guys,
I have done that and am about to find anyother loop whole if any...

Thanx guys

mekh

mekh dev gurung

I mean loop holes in my site

mekh dev gurung

No problem. Let us know if you discover any snags.


Take care,

Nik
http://www.bigaction.org/