php-windows Digest 29 Mar 2012 23:08:47 -0000 Issue 4018
Topics (messages 30817 through 30820):
Re: [PHP-DB] Session and Access Privilages.
30817 by: Trinath Somanchi
Re: Session and Access Privilages.
30818 by: Jacob Kruger
Flow of PHP testClass
30819 by: Rikin Parekh
30820 by: Jim MacDiarmid
Administrivia:
To subscribe to the digest, e-mail:
php-windows-digest-subscr...@lists.php.net
To unsubscribe from the digest, e-mail:
php-windows-digest-unsubscr...@lists.php.net
To post to the list, e-mail:
php-wind...@lists.php.net
----------------------------------------------------------------------
--- Begin Message ---
Hi-
Since you are checking the authtype variable in the environmental variable
for each page which is requested, There cannot be any chance for a intruder
to get access to the page. But then, for an enhanced security, do maintain
a table in db with relation between authtype and access to page and
privilege. Checking the same in the page before displaying it to the user
might help you in solving the issue.
Hope this helps.
-
Trinath S
On Thu, Mar 29, 2012 at 1:00 PM, Vinay Kannan <viny...@gmail.com> wrote:
> Hey,
>
> I am working on the application, thought its not OOP currently, I plan to
> take it further in a year or so.
> Right now, I have 4 access levels which define what the users can do on the
> application.
> Based on the access levels defined, a session varialble is set called
> $_SESSION['authtype'], and this defines what are the links shown to the
> user.
> so basically the session authtype, defines what links are shown to the
> users, now i am thinking that if a user comes to know of a link whihc he
> does not have
> access to, he / she can put that in the url and try to gain access, what i
> feel is there should be some check on each of the page for the access and
> if the acess
> criteria is not met, then the user should be sent back to him home page
> view.
>
> Any ideas on what the best way is to implement something like this? Any
> help is appreciated.
>
> Thanks,
> Vinay
>
--- End Message ---
--- Begin Message ---
While not sure it's perfectly handled, have done similar things in past, and
right at tope of page, I just check if the relevant session variable is set,
if so, then might check that the value is relevant, or else use
header("Location: index.php"); followed by exit(); to reroute them back to
login page, etc.
Stay well
Jacob Kruger
Blind Biker
Skype: BlindZA
'...fate had broken his body, but not his spirit...'
----- Original Message -----
From: "Vinay Kannan" <viny...@gmail.com>
To: "PHP DB" <php...@lists.php.net>; <php-wind...@lists.php.net>;
<phpexperts-subscr...@yahoogroups.com>
Sent: Thursday, March 29, 2012 9:30 AM
Subject: [PHP-WIN] Session and Access Privilages.
Hey,
I am working on the application, thought its not OOP currently, I plan to
take it further in a year or so.
Right now, I have 4 access levels which define what the users can do on
the
application.
Based on the access levels defined, a session varialble is set called
$_SESSION['authtype'], and this defines what are the links shown to the
user.
so basically the session authtype, defines what links are shown to the
users, now i am thinking that if a user comes to know of a link whihc he
does not have
access to, he / she can put that in the url and try to gain access, what i
feel is there should be some check on each of the page for the access and
if the acess
criteria is not met, then the user should be sent back to him home page
view.
Any ideas on what the best way is to implement something like this? Any
help is appreciated.
Thanks,
Vinay
--- End Message ---
--- Begin Message ---
Hi Guys,
Given below is a PHP script. Can someone help me with the output of the
code. According to my understanding the output should be 3, 50, 20, 10. Can
someone elaborate on the same and provide me an explanation on the flow?
Thanks a lot in advance.
<?php
class TestClass {
var $a =20;
var $b =10;
function TestClass($a= null, $b=null) {
if (!is_null($a))
{
$this-‐>a= $a;
}
if(!is_null($b))
{
$this-‐>b=$b;
}
}
function printAB() {
echo $this-‐>a.” “.$this-‐>b.”\n”;
}
}
$inst1 = new TestClass(3,50);
$inst2 = new TestClass();
$inst1-‐>printAB();
$inst2-‐>printAB();
?>
--- End Message ---
--- Begin Message ---
Yes, I believe your understanding is correct... This is my understanding as
well.
In line 1 below, you are creating a new object and using the class constructor
to initialize $a and $b.
In line 2 below, you are creating a new object, with $a and $b's default
values.
In line 3 below, $a and $b are printed with the values passed through the class
constructor in line 1.
In line 4 below, $a and $b are printed with default values since nothing was
passed through the class constructor.
1 . $inst1 = new TestClass(3,50);
2 . $inst2 = new TestClass();
3. $inst1-‐>printAB();
4. $inst2-‐>printAB();
-----Original Message-----
From: Rikin Parekh [mailto:riki...@gmail.com]
Sent: Thursday, March 29, 2012 10:57 AM
To: PHP DB; php-wind...@lists.php.net; phpexperts-subscr...@yahoogroups.com
Subject: [PHP-WIN] Flow of PHP testClass
Hi Guys,
Given below is a PHP script. Can someone help me with the output of the code.
According to my understanding the output should be 3, 50, 20, 10. Can someone
elaborate on the same and provide me an explanation on the flow?
Thanks a lot in advance.
<?php
class TestClass {
var $a =20;
var $b =10;
function TestClass($a= null, $b=null) {
if (!is_null($a))
{
$this-‐>a= $a;
}
if(!is_null($b))
{
$this-‐>b=$b;
}
}
function printAB() {
echo $this-‐>a.” “.$this-‐>b.”\n”;
}
}
$inst1 = new TestClass(3,50);
$inst2 = new TestClass();
$inst1-‐>printAB();
$inst2-‐>printAB();
?>
--- End Message ---
