Protecting against session hijacking.


 



I am not sure I am doing this right.

I have login.php which does:

$ua = $_SERVER['HTTP_USER_AGENT'];
$ua .= rand(0,4200);
$ua = md5($ua);

and upon successful auth, I push them to the main program:

header ("Location: squert.php?id=$ua");

at the beginning of squert.php I have:

if(!isset($_SESSION['sUser']))  { sKill(); }  else { $sUser  = $_SESSION['sUser'];}
if(!isset($_SESSION['sEmail'])) { sKill(); }  else { $sEmail = $_SESSION['sEmail'];}
if(!isset($_SESSION['sType']))  { sKill(); }  else { $sType  = $_SESSION['sType'];}
if(!isset($_SESSION['sTime']))  { sKill(); }  else { $sTime  = $_SESSION['sTime'];}
if(!isset($_REQUEST['id']))     { sKill(); }  else { $id     = $_REQUEST['id'];}

sKill just does session unset|destroy and redirects to login.php.

Is this right? I am not sure that the id part is.

Thanks.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
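
Added example, not part of the original post: in the code as posted, the id is only tested with isset() and is never stored in $_SESSION, so any value passes. The sketch below keeps a server-side copy of a random token and compares it on each request; the function names and the sToken/sUA session keys are assumptions made for illustration.

```php
<?php
// Added illustration; issueSessionToken() and requestMatchesSession() are hypothetical names.

// login.php side: call once credentials have been verified.
function issueSessionToken(array &$session, string $userAgent): string
{
    // Rotate the session id at login so an id set before login cannot be reused.
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }
    $token = bin2hex(random_bytes(32));            // CSPRNG output, unlike md5(UA . rand(0,4200))
    $session['sToken'] = $token;                   // server-side copy to compare against later
    $session['sUA']    = hash('sha256', $userAgent);
    return $token;                                 // value to place in squert.php?id=...
}

// squert.php side: true only when the request matches what the server stored.
function requestMatchesSession(array $session, array $request, string $userAgent): bool
{
    foreach (['sUser', 'sEmail', 'sType', 'sTime', 'sToken', 'sUA'] as $key) {
        if (!isset($session[$key])) {
            return false;
        }
    }
    if (!isset($request['id']) || !is_string($request['id'])) {
        return false;
    }
    // Compare against the stored token in constant time; presence alone is not enough.
    if (!hash_equals($session['sToken'], $request['id'])) {
        return false;
    }
    return hash_equals($session['sUA'], hash('sha256', $userAgent));
}

// Constructed demonstration data; a plain array stands in for $_SESSION so this runs from the CLI.
$session = ['sUser' => 'alice', 'sEmail' => 'alice@example.com', 'sType' => 'admin', 'sTime' => time()];
$ua = 'Mozilla/5.0 (constructed sample)';
$id = issueSessionToken($session, $ua);

// Case 1: the issued token with the same User-Agent.
var_dump(requestMatchesSession($session, ['id' => $id], $ua));
// Case 2: a guessed id built the way the posted login.php builds it.
var_dump(requestMatchesSession($session, ['id' => md5($ua . '17')], $ua));
// Case 3: the issued token replayed with a different User-Agent.
var_dump(requestMatchesSession($session, ['id' => $id], 'curl/8.0 (constructed sample)'));
```

In squert.php the caller would pass $_SESSION, $_REQUEST and $_SERVER['HTTP_USER_AGENT'] and call sKill() when the function returns false. A token carried in the URL can still leak through Referer headers and server logs, and a User-Agent string can be copied, so both checks only narrow the window rather than replace a protected session cookie.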


