[PHP-users 32589] セッションで制限しているページが見えてしまう

[アイレス 松本]

$B$O$8$a$FEj9FCW$7$^$9!#(B
CentOS4.4, Apache-1.3.37,php-4.4.7

$B0J2<$N$h$&$J%W%m%0%i%`$r:n ＠ .$7$^$7$?!#(B
(A.php)
$B!!#1!%%;%C%7%g%sJQ?t(Babc$B!!(B$_SESSION['abc'] = 1;
$B!!#2!%(B<A>$B%?%0$N(Blocation.href$B$K$F(BB.php$B$r<B9T$7$^$9!#(B
(B.php)
$B!!#1!%(B$_SESSION['abc'] != 1$B$J$i%(%i!<MQ(Bhtml$B$rI=<($7$^$9!#(B
$B!!#2!%>e5-0J30$ODL>o=hM}$r<B9T$7$^$9!#(B

$B$3$N;~!"%"%I%l%9%P!<$KD>@\(BB.php$B$N(BURL$B$rF~NO$7$F$b%(%i!<MQ(Bhtml$B$rI=<($7$^$9$,!"(B
$B0J2<$N<j=g$@$HDL>o=hM}$r<B9T$7$F$7$^$$$^$9!#(B
$B!!-!(BA.php$B$rI=<((B
$B!!-"(BA.php$B$N%=!<%9$r%m!<%+%k%U%)%k%@$X$=$N$^$^%3%T!<!J(Bxxxx.html$B!K(B
$B!!-#(Bxxxx.html$BFb$N(Blocation.href$B$K(BA.php$B$N(BURL$B$r(BB.php$B$KCV49$($?$b$N$K>e=q$-(B
$B!!-$(BA.php$B$OI=<($7$?$^$^$G!"(Bxxxx.html$B$r3+$-%j%s%/$r%/%j%C%/$9$k$H(BB.php$B$NDL>o=hM}$,<B9T$5$l$F$7$^$$$^$9!#(B

B.php$BB&$GCM$N%A%'%C%/$O9T$C$F$$$k$N$G$9$,!"$3$N$h$&$J;v$,$G$-$k$3$H;vBV$KLdBj$OL5$$$N$G$7$g$&$+!)(B
$BLdBj$,$"$k$H$9$l$PBP=hK!$r65$($FD:$1$J$$$G$7$g$&$+!#(B
$B$h$m$7$/$*4j$$$7$^$9!#(B