NoDirectPhpAcess.php: logout user when he tries direct url access to a php file

pull/49/head
Hui Lan 2022-12-01 20:55:57 +08:00
parent 12520a603f
commit a753bdbafa
2 changed files with 2 additions and 2 deletions

View File

@ -10,7 +10,7 @@ include 'Header.php';
<?php <?php
// Only Lecturer or Admin could access this page // Only Lecturer or Admin could access this page
if ($_SESSION['user_type'] != "Lecturer" && $_SESSION['user_type'] != "Admin") { if ($_SESSION['user_type'] != "Lecturer" && $_SESSION['user_type'] != "Admin") {
die("Sorry. Nothing to see here."); die("Sorry. Nothing to see here.");
} }
?> ?>

View File

@ -2,6 +2,6 @@
// https://stackoverflow.com/questions/33999475/prevent-direct-url-access-to-php-file // https://stackoverflow.com/questions/33999475/prevent-direct-url-access-to-php-file
if (!isset($_SERVER['HTTP_REFERER']) ) { if (!isset($_SERVER['HTTP_REFERER']) ) {
/* choose the appropriate page to redirect users */ /* choose the appropriate page to redirect users */
die( header( 'location: index.php' ) ); die( header( 'location: logout.php' ) );
} }
?> ?>