-2

Basically, When a user signs up (register.php) succesfully.. I store all the data in database and direct them to step.php using

header("location: step.php");

Where they fill other different info which is then stored in the database.

So, a user must access the register.php page before accessing the step.php page.

How do I stop access to the step.php page by limiting its access to only those that just completed the register.php form.

PS - I am building a step by step registration process and is this even the best way out. Or what other ways can I do this?

Ibrahim
  • 99
  • 12

2 Answers2

0

Use Sessions, set a session if the user did gone through register php (set it bevor you redirect the user). If step.php is called, check for that session.

<?
//register.php Line 1
session_start();

//At the End
$_SESSION['doneRegister'] = true;
header("location: step.php");
?>



<?
//step.php Line 1
session_start();
if (!isset($_SESSION['doneRegister'])){
// Session not set
header("location: register.php");
}
?>
Alpix
  • 98
  • 1
  • 9
0

On register page: define('VAR', true);
On top of step page: if (!defined('VAR')) header('location:index.php');

halojoy
  • 225
  • 2
  • 7