Is Javascript the only way??

Hi guys I need to findout if javascript is the only way for me to get the following done?

I am wanting to start a service from my website, what it will involve is other websites signing up to my site. In return I will issue a pin to their customer through sms.

The user will then click a link to a popup the popup will access a page on my server, this page will ask them to enter the pin to get onto the website.

When they have done this the popup page then verifies the pin, and asks them to press a button to enter the member website.

From here I need to then allow them access by closing the popup and redirecting the main page to the websites members area. From here they must only be able to access the site for a specified time then booted off.

Can the redirection only be done through javascript and the timing through php and a database?

Thanks

Emma

unless i misunderstand, you can do that whole thing in PHP except for the triggering and closing the popup window part. do you have any current js code that you're looking to convert into PHP?

no javascript I really know which way to do the timing yet still being in control?

..huh?

help me if i'm off here, but it sounds like what you want to do is upon verification of payment or whatever, the server then generates a unique ID. that unique ID is associated with a session (allowing them to access member pages) as well as a timestamp, so when the timestamp expires - so does the session, and the ID is no longer usable. that's doable, assuming you're using session control.

yes something like that, I dont understand everything about sessions, what would your suggestion involve? And would the session be able to stop them having access to an external site.

if by external site you mean a site that isn't yours, well you can't really prevent anybody from having access to an external site, that would be the external sites responsibility.

my suggestion is about elaborate as I can get it without writing up some code.. you can read up on sessions over here - in a nutshell, using sessions is way to preserve data over multiple page requests. you can decide what content should display and to whome it should display depending on whatever conditions you want (such as, they need to have a valid ID). of course, you'll need to take further precaution to prevent them from leaching files.

I did mean an external site, but I am wanting to allow access through there .htaccess, they will allow me ip address through, I just need to know it can work without everyone knowing the master passwd.

And also how to boot them off without having to change my passwd

the .htaccess approach stores the passwords in a txt file, and requests the password file on every page request (that'll be a problem if your site has a lot of traffic). either way PHP does have the ability to work with Basic-authentication and you can read more about that over here.