Jump to content

Archived

This topic is now archived and is closed to further replies.

anthonydamasco

Is it safe too....

Recommended Posts

I have quick question, when using sessions, is it safe to use "include.html"

For example if I wanted to make a control panel for my users instead of converting html into a big slash quote mess using an echo, I would just design a "controlpanel.html" and use it to add and remove information, now as long as I have sessions checking the user information

[code=php:0]
if (!isset($_SESSION['checker']))
{
  die ('you are not logged in!');
}
[/code]
would there be problems with people bypassing the login if they knew my controlpanel.html page?

Share this post


Link to post
Share on other sites
Not if you included that code on the controlpanel.html file too.

Give it a .php extension and away you go!

Rich

Share this post


Link to post
Share on other sites
If you dont want to add aslashes to quotes in your echo statement. Use the [url=http://uk.php.net/manual/en/language.types.string.php#language.types.string.syntax.heredoc]HEREDOC syntax[/url]. You can put anythink into a HEREDOC statement without having to escape characters. If you use PHP variables in heredoc make sure you wrap the variable up in curly braces, eg: {$var_name}

ALso if you are including a file that doesnt have a php extension and has PHP code in it. PHP will treat that file as a PHP file and will parse the code in that file.

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.