hi List,

I have written a library of php classes to manage database objects.
So my application now access to this library instead of accessing
directly to the database.

Now, I need to add an access control to my classes, like a check to a
$_SESSION variable.

A solution can be add this lines in first rows in every method:
" session_start();if(!isset($_SESSION['user'])) { return 999; } "

class sysAccess{
        function getName()
            session_start();if(!isset($_SESSION['user'])) { return
999; }

In this way, I am sure that only trusted users have an access to the
But,  If I forget to "protect" a single method, there will be a serious
vulnerability ..and this task will be long (and boring..)

Is there a better solution to protect access to publics object's methods
only to granted accounts? 

Thanks in advance

Lorenzo Marussi

Reply via email to