Is it safe too....

[anthonydamasco]

I have quick question, when using sessions, is it safe to use "include.html"

For example if I wanted to make a control panel for my users instead of converting html into a big slash quote mess using an echo, I would just design a "controlpanel.html" and use it to add and remove information, now as long as I have sessions checking the user information

[code=php:0]
if (!isset($_SESSION['checker']))
{
  die ('you are not logged in!');
}
[/code]
would there be problems with people bypassing the login if they knew my controlpanel.html page?

[HuggieBear]

Not if you included that code on the controlpanel.html file too.

Give it a .php extension and away you go!

Rich

[wildteen88]

If you dont want to add aslashes to quotes in your echo statement. Use the [url=http://uk.php.net/manual/en/language.types.string.php#language.types.string.syntax.heredoc]HEREDOC syntax[/url]. You can put anythink into a HEREDOC statement without having to escape characters. If you use PHP variables in heredoc make sure you wrap the variable up in curly braces, eg: {$var_name}

ALso if you are including a file that doesnt have a php extension and has PHP code in it. PHP will treat that file as a PHP file and will parse the code in that file.

[anthonydamasco]

thank you for the advice  :D