BigToque
10-07-2005, 12:21 AM
I'm not sure if this is the way to go about doing this, but this is what I've come up with.
I have an admin.php file that asks the user to input their username and password. This username and password is the U/P to log into my SQL DB.
If a link to the database is succesful, the admin options are displayed on "admin.php?id=admin" and a variable called $access_allowed is set to 1.
When the user tries to update a variable, they are re-directed to "update.php" where I have placed:
if ($allowed_access == 1) { do all the update code }
What I want to know is how is the best way to pass the variable without adding a real security risk. The data isn't really important, but I want to treat it as if it were (I'm trying to learn here :p).
I have an admin.php file that asks the user to input their username and password. This username and password is the U/P to log into my SQL DB.
If a link to the database is succesful, the admin options are displayed on "admin.php?id=admin" and a variable called $access_allowed is set to 1.
When the user tries to update a variable, they are re-directed to "update.php" where I have placed:
if ($allowed_access == 1) { do all the update code }
What I want to know is how is the best way to pass the variable without adding a real security risk. The data isn't really important, but I want to treat it as if it were (I'm trying to learn here :p).