maharg
Technical User
- Mar 21, 2002
- 184
Hi
I have a page which uses sessions for user login, because the pages are commercially sensitive.
At the top of each page I have...
Now, I also use ajax to pull in some dynamic php page elements, and if you 'view source' of the loaded page, you can see the urls of these dynamic sections in the javascript.
If you open these urls separately , you can view the content of those files.
I tried adding my session code above, to each of these sub-pages, which works, but I get
Notice: A session had already been started - ignoring session_start() in E:\domains\l\london-electronics.com\user\htdocs\NPB\include_authorisation.php on line 2
Any suggestions on how to protect the sub-pages and the overall page? Or can I suppress the above Notice somehow?
Thanks and regards,
Graham
I have a page which uses sessions for user login, because the pages are commercially sensitive.
At the top of each page I have...
Code:
<?php
session_start();
if (isset($_SESSION['logged']) && $_SESSION['logged'] == 1) {
//Do Nothing
} else {
$redirect = $_SERVER['PHP_SELF'];
header("Refresh: 2; URL=login.php?redirect=$redirect");
echo "You are being directed to the NPB login page.<br>";
echo "(If your browser doesn't support this, " .
"<a href=\"login.php?redirect=$redirect\">click here</a>)";
die();
}
?>
Now, I also use ajax to pull in some dynamic php page elements, and if you 'view source' of the loaded page, you can see the urls of these dynamic sections in the javascript.
If you open these urls separately , you can view the content of those files.
I tried adding my session code above, to each of these sub-pages, which works, but I get
Notice: A session had already been started - ignoring session_start() in E:\domains\l\london-electronics.com\user\htdocs\NPB\include_authorisation.php on line 2
Any suggestions on how to protect the sub-pages and the overall page? Or can I suppress the above Notice somehow?
Thanks and regards,
Graham