Secure pages with PHP/.htaccess?
www.example.com/index.html on my website is a page that asks for a
password, when entered, runs through www.example.com/login.php
<?php
if (isset($_POST['pw']) && ($_POST['pw'] == "mypassword"))
{
// Location after Logged in
header('Location : http://example.com/kareha/index.html');
}
else
{
// If not Logged in
header('Location: http://example.com/index.html');
}
?>
And then gets redirected to www.example.com/kareha/
The problem is, anyone can just type in and directly navigate to
www.example.com/kareha/
Is there any way I can protect this index file (or anywhere else on the
site) so anyone who isn't logged in is redirected to the main login page?
Also, would it help if it was protected through .htaccess?
(/kareha/index.html is automatically updated according to a template,
which has broken every time I mess around with it)
Thanks!