| <?php | |
| session_start(); | |
| // Check for the session[user_id] param to see if the user is logged in | |
| if(!isset($_SESSION['user_id'])) | |
| header('location:login.php'); | |
| echo 'This is my secret page.' | |
| // curl http://localhost/insecure.php | |
| // => "This is my secret page." | |
| ?> |
| <?php | |
| session_start(); | |
| // Check for the session[user_id] param to see if the user is logged in | |
| if(!isset($_SESSION['user_id'])) | |
| { | |
| header('location:login.php'); | |
| echo 'Denied.'; | |
| exit(); | |
| } | |
| echo 'This is my secret page.' | |
| // curl http://localhost/less_insecure.php.php | |
| // => "Denied." | |
| ?> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment