Home/ Questions/Q 6657011
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-26T01:42:51+00:00

I have an HTML page that I do not want to be available unless

  • 0

I have an HTML page that I do not want to be available unless the login is successful. My login starts a session, however I don’t know how to check for the session in the HTML and if the session exists I want to display the page, if not I want to display a unauthorised message. How can I do this?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You can’t check for the session in the HTML per se you’d have to do it in PHP. Depending on how your page is built using PHP you could try putting something like this at the top of your HTML file:

    <?php
if (!isset($_SESSION['my_login_var'])) {
  echo 'Unauthorised';
  exit();
}
?>

    But you’d be far better off doing this earlier on in your PHP code, in which case you could use the header function to send the user to a proper 403 page.

    UPDATE

    Usually PHP does some processing before the HTML is outputted and the headers are sent to the connecting client, so you want to send a 403 header before that output happens. This could be in an included PHP file that is run before the HTML is built, or even in the HTML file itself if no other content has been outputted before the script reaches that point.

    You can make a small adjustment to the code above to send a 403 header and ‘properly’ deny access to the page:

    <?php
if (!isset($_SESSION['my_login_var'])) {
  header('HTTP/1.1 403 Forbidden');
  exit();
}
?>
    • 0