How to protect a PHP page

Support Menu

My Account

What's New

Who's Online

How to protect a PHP page

PHPMembers membership software is able to protect PHP pages from being accessed by unauthorized visitors. To protect a PHP page, please put the following code at the beginning of the file.

<?php
define("PHPMEMBERS_FOLDER", './phpmembers/'); // modify this to define the PHPMembers folder relative path
$allowGroups = array('1', '2'); // modify this to define the accessible groups
include_once(PHPMEMBERS_FOLDER."lib/config.inc.php");
include_once(PHPMEMBERS_FOLDER."lib/database.inc.php");
include_once(PHPMEMBERS_FOLDER."lib/user.class.php");
$con = connect_database();
$user = new umUser();
$user->get_session();
if(!($user->userID != 0 && $user->get_user() && $user->check_groups($allowGroups))){
   header("location: ".PHPMEMBERS_FOLDER."login.php?url=".$_SERVER["SCRIPT_NAME"]."?".$_SERVER['QUERY_STRING']);
   return;
}
close_database($con);
?>

You may need to modify the first two lines of the code according to your website settings. If you would like to learn more, please visit Custom Development Section.

Note: When running PHP as a CGI Binary and not in library mode, Apache will send any PHP based request directly to the PHP executable. Therefore folder and link protections do not work on PHP pages. This is the only way to protect your PHP pages.