This question is an exact duplicate of:
- session protection 3 answers
I am creating a webpage bit by bit, testing parts of the webpage ideas. I want to learn how to session protect a page. I have already password protected a page seccsesfully, but anybody can access the page by typing in the url. i want to session protect my page so no one can do that. i have three pages: index.html, which has the form which sends the the password.php, the password.php, which makes sure that the password and username are correct using "if statments"(here is the "if statment")
if ($username == 'mgmb99'){
if ($password == 'mgmb91mas'){
header('Location: youhere.php');
} else {
echo 'your username or password is wrong.<a href="http://www.passwordtest.comze.com"> go back to login page </a>';
}} else {
echo 'your username or password is wrong.<a href="http://www.passwordtest.comze.com"> go back to login page </a>';
};
, and the youhere.php which is the page once you logged in.
</div>