472,330 Members | 1,367 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 472,330 software developers and data experts.

how to restrict access to admin pages

41
hi

i am working on admin section which has a login page with login id and pasword form.
in my admin section i have many pages say like manage_products.php, description.php, user.php etc.

if i have to access the manage_products.php page then i can access it just typing like the link below

http://localhost/vineet/admin/manage_products.php

without entering login user and pasword.

i want to restrict the access of this page through admin panel only. No one should able to access any of the page by typing the url directly. how is it possible.

vineet
Oct 26 '08 #1
4 11020
Markus
6,050 Expert 4TB
hi

i am working on admin section which has a login page with login id and pasword form.
in my admin section i have many pages say like manage_products.php, description.php, user.php etc.

if i have to access the manage_products.php page then i can access it just typing like the link below

http://localhost/vineet/admin/manage_products.php

without entering login user and pasword.

i want to restrict the access of this page through admin panel only. No one should able to access any of the page by typing the url directly. how is it possible.

vineet
You need to write a login page which would compare the user give data against a database of admin credentials. If they matched, set a cookie or a session saying the user has permission to access restricted pages. On restricted pages check if a cookie/session is set to allow them access.

Google
Oct 26 '08 #2
pedalpete
110 100+
another way to go is to use apache and an access file.
Depends on what you want to do. I think if the admin pages are just for you and a few others, the database login route may be overkill.

check out this link
http://www.yolinux.com/TUTORIALS/LinuxTutorialApacheAddingLoginSiteProtection.html
Oct 27 '08 #3
for this you will be take a session ID or session varaible from admin so when you will login as admin then store admin id or any variable in session variable and on top of each page check that if this variable is empty then go for login .

for examle:

Expand|Select|Wrap|Line Numbers
  1.  
  2. if(!isset($_SESSION['adminemail']))
  3. {
  4. header("location:login.php');
  5. exit();
  6. }
  7.  
  8.  
hope you will be unserstand.
Thanks
Oct 28 '08 #4
Markus
6,050 Expert 4TB
for this you will be take a session ID or session varaible from admin so when you will login as admin then store admin id or any variable in session variable and on top of each page check that if this variable is empty then go for login .

for examle:

Expand|Select|Wrap|Line Numbers
  1.  
  2. if(!isset($_SESSION['adminemail']))
  3. {
  4. header("location:login.php');
  5. exit();
  6. }
  7.  
  8.  
hope you will be unserstand.
Thanks
Again, like I have already suggested.
Oct 28 '08 #5

Sign in to post your reply or Sign up for a free account.

Similar topics

3
by: Paul | last post by:
Hi all, at present I I've built a website which can be updated by admin and users. My problem, I've combined "log in" and "access levels" to...
4
by: Ove | last post by:
I have one Access 2000 DB on my website. I want to access these tables from my local database so i do not need to down-/upload the database each...
1
by: com | last post by:
Extreme Web Reports 2005 - Soft30.com The wizard scans the specified MS Access database and records information such as report names, parameters...
19
by: ree32 | last post by:
We have an intranet setup but when you try and connect from outside the network using a windows login & the internet the ASP.net pages (.aspx) on...
1
by: thavaht | last post by:
Iíve been searching on the forum and donít seem to find a post that matches my question: I need to restrict access to some php pages on a web site...
1
by: Mubs | last post by:
Hi PPL, On my website i have setup user log in. once they log in i want to restrict certain users from certain pages.. and on some pages i want...
1
by: Chase Kang #52 | last post by:
I have a web application using custom authentication and role management, which seems to work properly. I also have a web config file with the...
17
by: yuvang | last post by:
Hi all I have a mdb with login name and password form. There are several login names, i defined through a table "User_login". Here the problem is...
2
by: beyrself | last post by:
Hi, i've created a application using microsoft visual studio 2005. I've publish the exe application using IIS. now is issue is. I need to restrict...
0
by: tammygombez | last post by:
Hey everyone! I've been researching gaming laptops lately, and I must say, they can get pretty expensive. However, I've come across some great...
0
by: concettolabs | last post by:
In today's business world, businesses are increasingly turning to PowerApps to develop custom business applications. PowerApps is a powerful tool...
0
better678
by: better678 | last post by:
Question: Discuss your understanding of the Java platform. Is the statement "Java is interpreted" correct? Answer: Java is an object-oriented...
0
by: Kemmylinns12 | last post by:
Blockchain technology has emerged as a transformative force in the business world, offering unprecedented opportunities for innovation and...
0
by: CD Tom | last post by:
This only shows up in access runtime. When a user select a report from my report menu when they close the report they get a menu I've called Add-ins...
0
jalbright99669
by: jalbright99669 | last post by:
Am having a bit of a time with URL Rewrite. I need to incorporate http to https redirect with a reverse proxy. I have the URL Rewrite rules made...
0
by: antdb | last post by:
Ⅰ. Advantage of AntDB: hyper-convergence + streaming processing engine In the overall architecture, a new "hyper-convergence" concept was...
0
by: Matthew3360 | last post by:
Hi there. I have been struggling to find out how to use a variable as my location in my header redirect function. Here is my code. ...
0
by: AndyPSV | last post by:
HOW CAN I CREATE AN AI with an .executable file that would suck all files in the folder and on my computerHOW CAN I CREATE AN AI with an .executable...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.