dongzhi4239 2014-08-20 06:34
浏览 235
已采纳

如何防止PHP网页中的非法访问?

I have a problem regarding access in my web pages. In log in it can already distinguish if the user is admin or not. admin has different page with ordinary.

my problem is if the user change the address in the address bar for example:

home.php -> ordinary user
home_admin.php -> administrator

Ordinary can also access the home_admin.php if the user change the address in the address bar. All my pages are using sessions.

any suggestion how can I solve my problem.

TIA

  • 写回答

5条回答 默认 最新

  • duanqian6982 2014-08-20 06:38
    关注

    You have to save the current state of access rights in your session. After that you can make a condition and if he has not enough rights to retrieve the content of the page, redirect him to another site.

    Like this example

    <?php

if($_SESSION['user_role'] !== 'administrator') {
   // redirect him
}

?>
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(4条)

报告相同问题?

悬赏问题

  • ¥15 lammps拉伸应力应变曲线分析
  • ¥15 C++ 头文件/宏冲突问题解决
  • ¥15 用comsol模拟大气湍流通过底部加热(温度不同)的腔体
  • ¥50 安卓adb backup备份子用户应用数据失败
  • ¥20 有人能用聚类分析帮我分析一下文本内容嘛
  • ¥15 请问Lammps做复合材料拉伸模拟,应力应变曲线问题
  • ¥30 python代码,帮调试
  • ¥15 #MATLAB仿真#车辆换道路径规划
  • ¥15 java 操作 elasticsearch 8.1 实现 索引的重建
  • ¥15 数据可视化Python