i hav this page (a.php), where i ask te user for his username and password. I match these with static values, and upon succesful matching, i redirect the user to b.php.
what if somebody, instead of going thru the normal procedure (from a.php to b.php after verification), directly types in the url for b.php into the address bar???
will that not SHATTER my security??
how can i implement security so that if some1 has not signed in (on a.php) and directly enters the url of b.php, he is
1. sent back to (a.php)
2. nothing is displayed on b.php
thanks a lot.