Jump to content

strstr for restricted areas


twsowerby

Recommended Posts

Hi all,

 

I've been playing around with strstr and str_replace to try and check if the current page is a restricted area of the site. I'm getting a bit frustrated because I'm new to this and not sure why its not working. I think I've just been staring at ti for too long now, so if anyone can help me out that would be awesome.

 

$current = $_SERVER['PHP_SELF'];



// If in users

if(strstr($current, '/users/'))

{

$current = str_replace("users/", "", $current);

$current = strtolower($current);



// users/ resitricted pages

if($current == 'userarea.php' || $current == 'logout.php' || $current == 'deleteproduct.php' || $current == 'deleteproductc.php'



|| $current == 'changeproductstatus.php' || $current == 'index.php')



{



	checkIsLoggedIn();



	checkSession();



}



}

 

My folder structure for the users folder is as follows:

 

localhost/sites/fyp/htdocs/users/

 

I have got myself into a bit of a muddle here and I can't figure out how to fix it. There are no errors, its just not restricting access to the pages it should.

 

Thanks,

 

Tom

Link to comment
https://forums.phpfreaks.com/topic/100890-strstr-for-restricted-areas/
Share on other sites

I'm not quite sure why are taking this approach, it would seem more sensible to include a file on each of the restricted pages which does the authentication, i.e.

 

In area.php you would include a file called authenticate.php

<?php
  require_once('authenticate.php');
?>
  <html>
  <head>
  ...    

 

authenticate.php would need to include the checkIsLoggedIn(); and checkSession(); functions.

 

This way you don't have to hard code any page names.

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.