NoDirectPhpAcess.php: logout user when he tries direct url access to a php file

2022-12-01 20:55:57 +08:00 · 2022-12-01 20:55:57 +08:00 · a753bdbafa
parent 12520a603f
commit a753bdbafa
2 changed files with 2 additions and 2 deletions
--- a/Admin.php
+++ b/Admin.php
@ -10,7 +10,7 @@ include 'Header.php';
 <?php
 // Only Lecturer or Admin could access this page
 if ($_SESSION['user_type'] != "Lecturer" && $_SESSION['user_type'] != "Admin") {
-  die("Sorry.  Nothing to see here.");
+    die("Sorry.  Nothing to see here.");
 }
 ?>

--- a/NoDirectPhpAcess.php
+++ b/NoDirectPhpAcess.php
@ -2,6 +2,6 @@
    // https://stackoverflow.com/questions/33999475/prevent-direct-url-access-to-php-file
    if (!isset($_SERVER['HTTP_REFERER']) ) {
        /* choose the appropriate page to redirect users */
-        die( header( 'location: index.php' ) );
+        die( header( 'location: logout.php' ) );
    }
 ?>