|
|
|
|
||||
|
Welcome to the GoFuckYourself.com - Adult Webmaster Forum forums. You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our community today! If you have any problems with the registration process or your account login, please contact us. |
 |
|
|||||||
| Discuss what's fucking going on, and which programs are best and worst. One-time "program" announcements from "established" webmasters are allowed. |
|
|
Thread Tools |
01-08-2005, 05:14 AM
|
#1 |
|
Confirmed User
Industry Role:
Join Date: Nov 2003
Location: Toronto
Posts: 4,001
|
PHP Sessions Question
Scenario: A user number 5884 into their account and edits there profile. The url is www.site.com/profile.php?id=5884. However, when they change the url to www.site.com/profile.php?id=5885 they can view the personal details of profile 5885.
What php session script (or other) do I put at the top of the viewprofile.php scripting to allow the logged in user to view only his/her profile? |
|
|
|
01-08-2005, 05:34 AM
|
#2 |
|
Confirmed User
Join Date: Jan 2005
Posts: 377
|
session variables are stored in the $_SESSION array. you probably know this. and you probably know to store the user id for the person in a session variable?
when someone messes with the url id number, they are changing the variable of $_GET['id'] in your script....so to make it where they can only view their own profile just do something such as if ($_SESSION['id'] hahahaha $_GET['id']) { echo 'all good now';}
__________________
SIG TOO BIG! Maximum 120x60 button and no more than 3 text lines of DEFAULT SIZE and COLOR. Unless your sig is for a GFY top banner sponsor, then you may use a 624x80 instead of a 120x60. |
|
|
|
|
01-08-2005, 05:36 AM
|
#3 |
|
Confirmed User
Join Date: Jan 2005
Posts: 377
|
if ($_SESSION['id'] hahahaha $_GET['id'])
{ echo 'allow viewing'; } else { echo 'fuck off lamer'; }
__________________
SIG TOO BIG! Maximum 120x60 button and no more than 3 text lines of DEFAULT SIZE and COLOR. Unless your sig is for a GFY top banner sponsor, then you may use a 624x80 instead of a 120x60. |
|
|
|
|
01-08-2005, 05:37 AM
|
#4 |
|
Confirmed User
Join Date: Jan 2005
Posts: 377
|
apparently two equal signs in a row is banned and replaced with hahahaha
__________________
SIG TOO BIG! Maximum 120x60 button and no more than 3 text lines of DEFAULT SIZE and COLOR. Unless your sig is for a GFY top banner sponsor, then you may use a 624x80 instead of a 120x60. |
|
|
|
|
01-08-2005, 09:41 AM
|
#5 |
|
Confirmed User
Industry Role:
Join Date: Nov 2003
Location: Toronto
Posts: 4,001
|
Sounds good, I will give it a whirl! Thank you
|
|
|
|
|
01-08-2005, 11:04 AM
|
#6 |
|
Confirmed User
Join Date: Jan 2005
Location: Ontario, OR
Posts: 148
|
To avoid that problem instead of using the $_GET["id"] just send them to profile.php and have it call the data using the session var, or if you don't want to be lazy and change what you have now (and this is bad form but it works
 ):PHP Code:
__________________
Structure Northwest :: the cure for the common code :: AIM: Asatruel | Yahoo!: Asatruel | ICQ: 111-638-053 |
|
|
|
