0

I pressed the login button and if there's no email save on the database it will redirect to the following url https://www.example.com/enter_here. I used header("Location: {$_SITE['url']}/enter_here"); to redirect it. Once on that page if i remove the enter_here it will bypass that validation where it will directly login the user. Is there anyway to prevent so that even i remove the enter_here it wont go to the other page.

Thanks.

momori14
  • 169
  • 1
  • 2
  • 14
  • 2
    Yes. There are plenty of ways, like adding some check to see if the user has logged in or not. – M. Eriksson Jul 17 '17 at 13:35
  • Hi Sir, will you let me know how and which one you think is the best? – momori14 Jul 17 '17 at 13:36
  • You could read up on [sessions](http://php.net/manual/en/book.session.php) and also do some research. There are plenty of tutorials about this if you just spend some time searching for it. SO isn't a free coding service, nor the correct place to ask for tutorials. – M. Eriksson Jul 17 '17 at 13:37
  • I did try to look online but i can't find any, anyway ill do what you said. – momori14 Jul 17 '17 at 13:39
  • wrap the validation work in a function then you can use this function in any page the user might request. I think you need your application to adopt some sort of 1 entry point design (e.g front controller) – Accountant م Jul 17 '17 at 13:44

0 Answers0