Jump to content

Would this possible work?(is it valid?)


Demonic

Recommended Posts

[code]
<?php
ob_start();
include "config.php";
session_start();
if($logged[level] == 5){
$_SESSION['auth'] = true;
}else{
$_SESSION['auth'] = false;
}
if($_SESSION['auth'] == true){
//show some stuff
}elseif($_SESSION['auth'] == false){
include "login.php";
}
?>
[/code]

config.php includes cookie would this possible work out

What im trying to manage is to check if a user is an administrator then use a session to tell the page that he is allowed to view the page else he can not view the page and it shows login page.

Can someone tell me if this is correct.
Link to comment
Share on other sites

because I simply stated:

[quote]config.php includes cookie would this possible work out[/quote]

meaning $logged is a cookie

and it does say

session_start();

Oh and about the $logged not being quoted its a whilestatement in my config.php

[code]
<?php
ob_start();
mysql_connect("localhost","root","*******") or die(mysql_error());
mysql_select_db("************") or die(mysql_error());
$cookieid = htmlspecialchars($_COOKIE[uid]);
$cookiepass = htmlspecialchars($_COOKIE[upass]);
$logged = mysql_query("SELECT * FROM users WHERE id='$cookieid' AND password='$cookiepass' ");
$logged = mysql_fetch_array($logged);
?>
[/code]
Link to comment
Share on other sites

If you already set the cookie in config then why do you need ob_start(); You use ob_... functions when you need to hold content because later you may send a cookie or other header. I don't see any output happening so why do you have it. Other than that, the way you have it is fine as long as the cookie has been validated. I don't see where the cookie is coming from so there is no way to tell if that logic is sound.


me!
Link to comment
Share on other sites

[quote=me]
<?php
ob_start();
mysql_connect("localhost","root","*******") or die(mysql_error());
mysql_select_db("************") or die(mysql_error());
$cookieid = htmlspecialchars($_COOKIE[uid]);
$cookiepass = htmlspecialchars($_COOKIE[upass]);
$logged = mysql_query("SELECT * FROM users WHERE id='$cookieid' AND password='$cookiepass' ");
$logged = mysql_fetch_array($logged);
?>
[/quote]

Thats where cookie is coming from^config.php file

so other then what you said abuot the ob_start(); im fine?
Link to comment
Share on other sites

I think what printf is getting at is that your code is syntactically (is that even a word?) terrible, but the idea should work. Your initial code should have looked more like...

[code=php:0]
<?php
ob_start();
include "config.php";
session_start();
if ($logged['level'] == 5) {
  $_SESSION['auth'] = true;
} else {
  $_SESSION['auth'] = false;
}
if ($_SESSION['auth']) {
  //show some stuff
} else {
  include "login.php";
}
?>
[/code]
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.