How to block direct access to html page
You can define a variable like window.parentPage = true;
in the index.html file.
In the products.html page make a check like so:
if(!window.parentPage)
{
window.location.href = "YOUR REDIRECTION PAGE"
}
Prevent direct access to a webpage by typing the URL
so your login screen should already have session code implemented into it that has a variable that specifies if the user is logged in or not. If you don't have that implemented yet, the code would look similar to:
<?php session_start();//at the very top of the page
?>
//... your own code
//if the user successfully logs in then:
$_SESSION['authenticated']=true;
Then on the booking.php page (it should be php to allow php scripts which is super important for validating if a user is logged in), you would then check if the user did log in. If he did, the rest of the page loads, if he didn't, you would redirect them to login.php:
at the very top of booking.php:
<?php session_start();
if (!isset($_SESSION['authenticated']))
{
//if the value was not set, you redirect the user to your login page
header('Location https://www.example.com/login.php');
exit;
}
else
{
//if the user did login, then you load the page normally
}
How to prevent a user from directly accessing my html page
It's apparent to me that you only want to use Python, no frameworks etc... So the problem is that you are actually redirecting to an existing web HTML page. Don't do that, instead serve the HTML with Python itself.
# pages.py
class DefaultPage(object):
def __init__(self):
self.html = '''
All Your HTML Here
'''
def self.display:
return self.html
Obviously your using something to serve your Python, I'm assuming something simple like Google App Engine Launcher, in which case you can just write the class. Even if your using some other simple WSGI, the concept remains the same.
# main.py
import webapp2
from pages import DefaultPage
class MainHandler(webapp2.RequestHandler):
def get(self):
page = DefaultPage()
self.response.write(page.display())
app = webapp2.WSGIApplication([
('/', MainHandler)
], debug=True)
Prevent users from directly accessing url and redirect to login if not logged in Flask
You can use your own custom decorator like in flask login module.
Something similar to this,
def login_required(f):
@wraps(f)
def decorated_function(*args, **kwargs):
if session.get('username') is None or session.get('if_logged') is None:
return redirect('/login',code=302)
return f(*args, **kwargs)
return decorated_function
Then use like this in a route which requires login,
@app.route('/', methods=['GET', 'POST'])
@login_required
def home():
#blah_blah
What this does is , whenever you call url '/' ,it calls decorated_function() present inside login_required() wrapper. So put your login logic inside deccorated_function(). Check if the user is logged in using sesion cookie(or whatever method you want), if not logged redirect to login else don't return anything.
Regarding that session.get() error, did you import session from module flask? The syntax seems correct
Preventing direct access to my HTML page
First of all you need to convert your html page to php then you can set a session variable in your contact us page and then when the mail is successfully sent to the user then you can check for the this session variable's value to decide weather to redirect the user or not.
Suppose this is your contact us page.
<?php
// code for sending mail
if(the mail is sent successfully then)
{
$_SESSION["redirect_to_success"]=true;
}
?>
This can be the code on the success page
<?php
if(!isset($_SESSION["redirect_to_success"]))
{
header("location:contactus.php");
}
else
{
unset($_SESSION["redirect_to_success"]);
}
?>
Here unseting the session variable allows the use to redirect to the success page only when the mail is sent successfully. Once he/she is redirected to the success page the session variable will be unset. And also using Boolean values allows less consumption of memory
Related Topics
Php Curl Required Only to Send and Not Wait for Response
How to Get Previous Month from Selected Month
Laravel Convert Query MySQL to Model Query
Displaying Data from an Array in a HTML Table Using PHP
Php Adding 15 Minutes to Time Value
Display Data from Database to Dropdown Codeigniter
Laravel - Where Less/Greater Than Date Syntax
How to Check If a String Contains a Specific Word
Are Global Variables in PHP Considered Bad Practice? If So, Why
Passing an Array to a Query Using a Where Clause
How to Show Blob Image in HTML
Remove License Check from Script Code in Codeigniter
How to Get Part of Url Before Last Slash With PHP
Getting Check Box Values as Checked from Database Codeigniter
Showing Image Binary Data Using JavaScript
Get All Hrefs from String But Then Replace Via Another Method
Difference Between Single-Quoted and Double-Quoted Strings in PHP