Code security hazards (scattered points) I just found that a piece of verification code I wrote has serious security risks. please advise. The purpose of the code is to first determine whether the SESSION variable is registered and whether its value is valid. if the verification fails, it will jump to the logon page. if the verification succeeds, it will continue to execute: PHPcode & lt ;? Phpsession_start (); $ _ SESSION [gid] is a variable registered when the user logs on successfully. value 1 indicates the administrator group if (! Iss code security hazards (discrete)
I just found that a piece of verification code I wrote has serious security risks. please advise. The purpose of the code is to first determine whether the SESSION variable is registered and whether its value is valid. if the verification fails, the code jumps to the logon page. if the verification succeeds, the code continues to run:
PHP code
I thought the page will jump to login immediately after the first verification fails. the php page is displayed, but if the verification fails, some subsequent code will be executed (it seems that the code is not fully executed). I don't know if it takes some time to jump to the page, during the execution jump period, some subsequent code is executed? Why didn't I jump to the header () function immediately?
------ Solution --------------------
Session_start ();
If (1! = $ _ SESSION ['gid']) {
Header ("location: login. php? ". SID );
Exit ();
}
// Do some thing here
?>
Self-considered good style
------ Solution --------------------
Not understand
Experience
------ Solution --------------------
Friendship UP
------ Solution --------------------
Exit ();
------ Solution --------------------
Yes, add exit ();
------ Solution --------------------
Exit () is to be added
LZ is really generous. What are you unhappy about?
------ Solution --------------------
PHP code