Allowing Access to Authorized Users Only


Even if your site has a user-registration page and a user-login page, unauthorized users may be able to bypass registration and login and gain access to restricted pages by entering the URL for a restricted page in a browser. To prevent unauthorized users from accessing restricted pages, you can add a Restrict Access to Page server behavior to restricted pages. This behavior redirects unauthorized users to another page, such as the registration or login page.

To add a server behavior to redirect unauthorized users:

1.

Open the members.php page.

2.

In the Application panel group, click the Server Behaviors tab to access the Server Behaviors panel.

3.

Click the plus (+) button, and choose User Authentication > Restrict Access to Page from the Server Behaviors menu (Figure 13.35).

Figure 13.35. Choose Restrict Access to Page from the User Authentication submenu in the Server Behaviors menu.


The Restrict Access to Page dialog appears.

4.

In the Restrict Based On section, select the Username, Password, and Access Level radio button (Figure 13.36).

Figure 13.36. Set access levels for a page in the Restrict Access to Page dialog.


5.

Click the Define button. The Define Access Levels dialog appears.

6.

Click the plus (+) button to add an access level. Type member in the Name field (Figure 13.37). Click OK to close the dialog.

Figure 13.37. Add access levels for the page in the Define Access Levels dialog.


The access-level name should be the same as a value in the Access field of the users table. In our case, the valid names are guest, member, and administrator.

7.

In the Restrict Access to Page dialog, click the Define button again to display the Define Access Levels dialog. Click the plus (+) button and type administrator in the Name field. Click OK to close the dialog.

8.

In the Restrict Access to Page dialog, Control-click (Windows) or Command-click (Mac) to select both member and administrator in the Select Level(s) box (Figure 13.38).

Figure 13.38. Enter a redirect page in the Restrict Access to Page dialog.


You've added two different access levels for this page. You need to select both to add both to the Restrict Access to Page server behavior.

9.

In the If Access Denied, Go To field, type registration.php (Figure 13.38).

Users who attempt to open this page without logging in with the appropriate access level will be redirected to the registration page.

10.

Click OK to close the dialog and add the server behavior to the page.

11.

Save the page.

You've added the Restrict Access to Page server behavior to the members.php page. Users who have logged in and have either member or administrator access level can open this page. Other users will be redirected to the registration.php page.




Macromedia Dreamweaver 8 Advanced for Windows and Macintosh. Visual Quickpro Guide
Macromedia Dreamweaver 8 Advanced for Windows and Macintosh: Visual QuickPro Guide
ISBN: 0321384024
EAN: 2147483647
Year: 2004
Pages: 129
Authors: Lucinda Dykes

Similar book on Amazon

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net