Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.
Moderator: General Moderators
Luke
The Ninja Space Mod
Posts: 6424 Joined: Fri Aug 05, 2005 1:53 pm
Location: Paradise, CA
Post
by Luke » Thu Aug 10, 2006 5:07 pm
Is there any possible pitfals when doing this:
Code: Select all
if(!$user->logged_in()){
// Redirect to login page
exit;
}
// Do logged in stuff
instead of this:
Code: Select all
if($user->logged_in()){
// Do logged in stuff
}
else{
// Redirect to login page
}
Last edited by
Luke on Thu Aug 10, 2006 5:34 pm, edited 1 time in total.
feyd
Neighborhood Spidermoddy
Posts: 31559 Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA
Post
by feyd » Thu Aug 10, 2006 5:16 pm
written correctly (i.e. make sure there's an
exit() ).. either works just fine.
Luke
The Ninja Space Mod
Posts: 6424 Joined: Fri Aug 05, 2005 1:53 pm
Location: Paradise, CA
Post
by Luke » Thu Aug 10, 2006 5:34 pm
like that?
feyd
Neighborhood Spidermoddy
Posts: 31559 Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA
Post
by feyd » Thu Aug 10, 2006 5:43 pm
Ambush Commander
DevNet Master
Posts: 3698 Joined: Mon Oct 25, 2004 9:29 pm
Location: New Jersey, US
Post
by Ambush Commander » Thu Aug 10, 2006 10:56 pm
If it's properly encapsulated, you should be able to get away with a return rather than an exit. But yeah, it shouldn't be a big deal (unless you have some majorly important post-script hook)
Ollie Saunders
DevNet Master
Posts: 3179 Joined: Tue May 24, 2005 6:01 pm
Location: UK
Post
by Ollie Saunders » Fri Aug 11, 2006 2:32 pm
First one if preferible because there less logic nesting.