hi, i have index.php and home.php. in order to go to home.php users have to login in index.php. but how do i not allow users to be directed to home.php when they type home.php address in the address bar?

am i making sense?

After your user logs in, set a session variable to a specific value. In home, check this session variable, if it is not set redirect to the login.

hi,

there are many ways of achieving this. The most simple is to create a session on index.php and then check if the session exists on home.php. If the session does not exist, the user is redirected to the index.php

sample codes

filename: index.php

<?php

    session_start();

    $_SESSION['been_here'] = true;

    header("Location: http://your_domain_dot_com/home.php");
     die();

home.php

<?php

    if(isset($_SESSION['been_here'])){
        ## do all the things you want to do
        }

        else{

            header("Location: http://your_domain_dot_com/index.php");
     die();
     }

you can also do this kind of statement

     if($_SESSION['been_here'] && (isset($_SESSION['been_here']))){

         ## do all the things you want to do

         }

         else{

             ## redirect the unexpected intruder here..

         }
Member Avatar

I 'third' the simple session check-redirct method. Other solutions abound in tutorials, but they must be regarded carefully. One I saw delivered different content to a page (based on include files) depending on whether the user was logged in or not. While this has its uses, it shouldn't (IMO) be used if you want to prevent a non-logged-in user from accessing certain pages, especially admin pages.