joined:Oct 19, 2011
Currently I have it set that if a certain session variable is present, then the logged in user is trying to access the admin section. Should I send them back to the login page or to the banned page?
Along those same lines, how best to protect the process files(those that do all the work)?
I have the same sort of thing protecting the form pages.