Restrict functions file?

Ask about a PHP problem here.
Post Reply
ExtremeGaming
Posts: 205
Joined: Mon Jul 09, 2012 11:13 pm

Restrict functions file?

Post by ExtremeGaming »

More of a question then a problem...

Is there any reason that I might want to put a sessions check in a functions file to check if only an admin uses it? For clarification I will give an example. I'm creating an admin backend for a friend's website and I am checking if say: add_user.php and mod_user.php are being accessed by an admin or not.
<?php
session_start();

// Session check
if($_SESSION['group'] != "Administrator") {
header("Location: $domain/index.php");
die;
}

// rest of code here including use of the function
?>
Is there any reason, after that check that I should include a session check in functions.php?
<?php
// ADMIN FUNCTIONS
session_start();

// Function to Salt and Hash passwords
function Secure($pass) {
// Stuff
}

// Function to add user to the site.
function add_user() {
// More stuff
}

// Function to modify a user.
function mod_user() {
// Rawr
}
?>
<?php while(!$succeed = try()); ?>
User avatar
jacek
Site Admin
Posts: 3262
Joined: Thu May 05, 2011 1:45 pm
Location: UK
Contact:

Re: Restrict functions file?

Post by jacek »

No it would be pointless, even if someone did manage to access the file nothing would happen since none of the functions get called.
Image
ExtremeGaming
Posts: 205
Joined: Mon Jul 09, 2012 11:13 pm

Re: Restrict functions file?

Post by ExtremeGaming »

That's what I was thinking, but couldn't find anything on it. Ty :)
<?php while(!$succeed = try()); ?>
Post Reply