More of a question then a problem...
Is there any reason that I might want to put a sessions check in a functions file to check if only an admin uses it? For clarification I will give an example. I'm creating an admin backend for a friend's website and I am checking if say: add_user.php and mod_user.php are being accessed by an admin or not.
[syntax=php]
<?php
session_start();
// Session check
if($_SESSION['group'] != "Administrator") {
header("Location: $domain/index.php");
die;
}
// rest of code here including use of the function
?>[/syntax]
Is there any reason, after that check that I should include a session check in functions.php?
[syntax=php]
<?php
// ADMIN FUNCTIONS
session_start();
// Function to Salt and Hash passwords
function Secure($pass) {
// Stuff
}
// Function to add user to the site.
function add_user() {
// More stuff
}
// Function to modify a user.
function mod_user() {
// Rawr
}
?>[/syntax]
Restrict functions file?
-
- Posts: 205
- Joined: Mon Jul 09, 2012 11:13 pm
Restrict functions file?
<?php while(!$succeed = try()); ?>
Re: Restrict functions file?
No it would be pointless, even if someone did manage to access the file nothing would happen since none of the functions get called.
-
- Posts: 205
- Joined: Mon Jul 09, 2012 11:13 pm
Re: Restrict functions file?
That's what I was thinking, but couldn't find anything on it. Ty
<?php while(!$succeed = try()); ?>