Tweet
All
I have a login page where a user specifys a username and password.
These values are then passed to a php page that validates these details with those in a database.
If they pass, we are redirected to a page where a user can update information about themselves, if it fails - an error message is returned.
My problem is, if the validation is passed, what is the best way to pass the username through? surely if I append it to the end of the querystring, a user who has failed the login may try to access by putting there username on the end?
Any advice? maybe create a cookie? (how?)
I have a login page where a user specifys a username and password.
These values are then passed to a php page that validates these details with those in a database.
If they pass, we are redirected to a page where a user can update information about themselves, if it fails - an error message is returned.
My problem is, if the validation is passed, what is the best way to pass the username through? surely if I append it to the end of the querystring, a user who has failed the login may try to access by putting there username on the end?
Any advice? maybe create a cookie? (how?)
Comment