Restrict functions file?
Posted: Sun Dec 09, 2012 2:45 am
More of a question then a problem...
Is there any reason that I might want to put a sessions check in a functions file to check if only an admin uses it? For clarification I will give an example. I'm creating an admin backend for a friend's website and I am checking if say: add_user.php and mod_user.php are being accessed by an admin or not.
Is there any reason that I might want to put a sessions check in a functions file to check if only an admin uses it? For clarification I will give an example. I'm creating an admin backend for a friend's website and I am checking if say: add_user.php and mod_user.php are being accessed by an admin or not.
<?php
session_start();
// Session check
if($_SESSION['group'] != "Administrator") {
header("Location: $domain/index.php");
die;
}
// rest of code here including use of the function
?>
Is there any reason, after that check that I should include a session check in functions.php?
<?php
// ADMIN FUNCTIONS
session_start();
// Function to Salt and Hash passwords
function Secure($pass) {
// Stuff
}
// Function to add user to the site.
function add_user() {
// More stuff
}
// Function to modify a user.
function mod_user() {
// Rawr
}
?>