Validating user authentication for all page_问答_开发者

Validating user authentication for all page

开发者 https://www.devze.com 2022-12-10 06:43 出处：网络

I am using the HTML page on front end PHP for server side scripting. now the problem i have configuration page which can be loaded by disabling javascript on Mozilla setting.

相关专题：javascript php

I am using the HTML page on front end PHP for server side scripting. now the problem i have configuration page which can be loaded by disabling javascript on Mozilla setting.

Since i am us开发者_如何转开发ing cookie to validate on the javascript

For avoiding this i need some thing i can call some php script onload without intimating user and verification return page

regards hemant

you can not call PHP onload (at least not without ajax, but then you're back in the javascript boat).
onload is a client side event and PHP runs on the server...

I can't really see what you're doing but my giess is:
what you want to do is create a PHP script which catches all requests and renders the correct page if the person is autorized. or something like that.

You could use a framework (such as using MVC etc.), even a really tiny one, and then authenticate your requests when you initialise your Controller.

Or if you want to custom code:

use rewriting (.htaccess on Apache) to capture all your requests and route them through a PHP file (e.g. index.php)
this file will authenticate the user and then explode the route requested (GET) to send them to their destination:

$route = $_GET['route'];

Once you have the user authenticated successfully, store that information in $_SESSION array.

More info:

PHP Sessions Tutorial
PHP Sessions (php.net)

Couldn't you just do a check if there browser has JavaScript enabled or disabled? then use PHP session?

Moving away javascript based cookies, and possibly using php session to validate the login, or using php cookie.. that way the sites not dependent on the javascript, especially if its a security issue..

<script type=”text/javascript”>
    document.write('Javascript Loaded!');
</script>
<noscript>
   <div style=”color:#FF0000; font-weight:bold; text-align:center;”>
     Javascript must be enabled to see this site!
   </div>
   <meta http-equiv=”refresh” content=”0; url=http://www.yourdomain.com/nojs.php”>
</noscript>

this way you could redirect them to your php page for processing..?

I'm not sure what exactly it is what you're asking but if you want to secure a site, and you don't mind if there's just one login/password combination, you could also use .htaccess.