Tom Thackrey wrote:
On 19-Nov-2003, "NotGiven" <no****@nonegiven.net> wrote:
I have a web page where certain pages have to be opened in a certain
order and should only be available when the user openes them in HTTPS.
They are all forms and the form action sends you to the next https://
page
but you can also take the S out of https:// and it opens also. That's
what
I need to avoid as well as making certain they got to a certain page FROM
a
certain page.
When I try:
if (isset($_SERVER['HTTPS']!='on'))
it crashes and is not even listed on php.net as a valid variable.
Either hide something in a field on the page that you check in the next
page (if your hidden field isn't in the $_POST array you know the user
didn't come from that page) or use sessions.
You could do it with sessions.
on the first page: (start the sessions and all that good stuff)
$_SESSION['pageone'] = true
on page two:
if($_SESSION['pageone'] == true){
$_SESSION['pagetwo'] = true;
pagetwostuff();
}
else{
echo "Please visit page one first!";
echo "<a href="pageone">page one</a>";
}
continue if you have page 3, etc...
if($_SESSION['pageone'] == true && $_SESSION['pagetwo'] == true)
if you have lots of pages in sequence, you may want to figure out a way to
do this with an array instead of individual arrays. ie:
pages[0] == true; // visited page one
pages[1] == true; // visited page two
pages[2] == false; // didnt visit page three/on page 3 perhaps?
pages[3] == false; // didnt visit page four
Good Luck!
-Eric Kincl