Is there a way to patch a lapse in security by forcing
non-cookie holders or users who haven\'t logged into a site to login before gaining access. I have an area where people have to login to my php3 pages. I have cookies set on the login that times people out after a certain length of inactivity, but have recently found that people can access the pages in that area by typing the url of the page and avoiding login all together. How can I stop this from happening? Is there something in the cookies that can be tweaked, or am I looking at some other method entirely?
non-cookie holders or users who haven\'t logged into a site to login before gaining access. I have an area where people have to login to my php3 pages. I have cookies set on the login that times people out after a certain length of inactivity, but have recently found that people can access the pages in that area by typing the url of the page and avoiding login all together. How can I stop this from happening? Is there something in the cookies that can be tweaked, or am I looking at some other method entirely?