MLM(Multi Level Marketing) Website Using PHP - Binary Plan

Part 8 - Stop Unauthorised Access

In this tutorial, we will stop unauthorized access to user account. Because without this any user can access any other user's account without login by using URL.
The user can access the page by using direct URL, so it becomes very important to stop access using URL. To validate the login user we will check that whether the user is logged in or not. For this, we will use some $_SESSION variables that we created at login time.
If the user is logged in then there should be a variable login_type and the value of this variable should user.

  • Create a page check-login.php.
  • Save this file inside a folder php-includes.
  • Include this page on every page where we want to stop unauthorized access.
  • To understand the process watch the video.



check-login.php

<?php
session_start();
if(isset($_SESSION['id']) && $_SESSION['login_type']=='user'){
}
else{
	echo '<script>alert("Access denied");window.location.assign("index.php");</script>';
}
?>                        


1570