Jump to content

Archived

This topic is now archived and is closed to further replies.

Demonic

Would this possible work?(is it valid?)

Recommended Posts

[code]
<?php
ob_start();
include "config.php";
session_start();
if($logged[level] == 5){
$_SESSION['auth'] = true;
}else{
$_SESSION['auth'] = false;
}
if($_SESSION['auth'] == true){
//show some stuff
}elseif($_SESSION['auth'] == false){
include "login.php";
}
?>
[/code]

config.php includes cookie would this possible work out

What im trying to manage is to check if a user is an administrator then use a session to tell the page that he is allowed to view the page else he can not view the page and it shows login page.

Can someone tell me if this is correct.

Share this post


Link to post
Share on other sites
It depends...

Where is the array $logged being set?, also where is the session being started? Other than those questions, why do you quote your session elements and not your $logged array elements.

me!

Share this post


Link to post
Share on other sites
because I simply stated:

[quote]config.php includes cookie would this possible work out[/quote]

meaning $logged is a cookie

and it does say

session_start();

Oh and about the $logged not being quoted its a whilestatement in my config.php

[code]
<?php
ob_start();
mysql_connect("localhost","root","*******") or die(mysql_error());
mysql_select_db("************") or die(mysql_error());
$cookieid = htmlspecialchars($_COOKIE[uid]);
$cookiepass = htmlspecialchars($_COOKIE[upass]);
$logged = mysql_query("SELECT * FROM users WHERE id='$cookieid' AND password='$cookiepass' ");
$logged = mysql_fetch_array($logged);
?>
[/code]

Share this post


Link to post
Share on other sites
If you already set the cookie in config then why do you need ob_start(); You use ob_... functions when you need to hold content because later you may send a cookie or other header. I don't see any output happening so why do you have it. Other than that, the way you have it is fine as long as the cookie has been validated. I don't see where the cookie is coming from so there is no way to tell if that logic is sound.


me!

Share this post


Link to post
Share on other sites
[quote=me]
<?php
ob_start();
mysql_connect("localhost","root","*******") or die(mysql_error());
mysql_select_db("************") or die(mysql_error());
$cookieid = htmlspecialchars($_COOKIE[uid]);
$cookiepass = htmlspecialchars($_COOKIE[upass]);
$logged = mysql_query("SELECT * FROM users WHERE id='$cookieid' AND password='$cookiepass' ");
$logged = mysql_fetch_array($logged);
?>
[/quote]

Thats where cookie is coming from^config.php file

so other then what you said abuot the ob_start(); im fine?

Share this post


Link to post
Share on other sites
I think what printf is getting at is that your code is syntactically (is that even a word?) terrible, but the idea should work. Your initial code should have looked more like...

[code=php:0]
<?php
ob_start();
include "config.php";
session_start();
if ($logged['level'] == 5) {
  $_SESSION['auth'] = true;
} else {
  $_SESSION['auth'] = false;
}
if ($_SESSION['auth']) {
  //show some stuff
} else {
  include "login.php";
}
?>
[/code]

Share this post


Link to post
Share on other sites
Ok, But you aint have to be so mean about it. Could of just said I think he means that your coding is incorrect. and posted code. -_-

Share this post


Link to post
Share on other sites
[quote]But you aint have to be so mean about it[/quote]

Sorry... didn't intend it to be meen.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.