[PHP-users 32590] Re: セッションで制限しているページが見えてしまう

白河博洋 hshiraka @ tatsumori.co.jp
2007年 9月 5日 (水) 09:45:00 JST


$B$*$O$h$&$4$6$$$^$9!#(B
$B;29M$^$G$K$7$F2<$5$$(B

A.php
<?php
 session_start();

 //$B%"%/%;%9BP:vMQ%;%C%7%g%s(B
 $_SESSION['toroku']="OK";
?>
B.php
<?php
 session_start();
 //error_reporting(0);

//$BEPO?%Z!<%80J30$+$i$N%"%/%;%9KI;_(B
 if($_SESSION['toroku']!="OK"){
  header('Location:index.php');
 }
?>
$B%"%$%l%9!!>>K\(B  (2007/09/05  9:53):
>$B$O$8$a$FEj9FCW$7$^$9!#(B
>CentOS4.4, Apache-1.3.37,php-4.4.7
>
>$B0J2<$N$h$&$J%W%m%0%i%`$r:n @ .$7$^$7$?!#(B
>(A.php)
>$B!!#1!%%;%C%7%g%sJQ?t(Babc$B!!(B$_SESSION['abc'] = 1;
>$B!!#2!%(B<A>$B%?%0$N(Blocation.href$B$K$F(BB.php$B$r<B9T$7$^$9!#(B
>(B.php)
>$B!!#1!%(B$_SESSION['abc'] != 1$B$J$i%(%i!<MQ(Bhtml$B$rI=<($7$^$9!#(B
>$B!!#2!%>e5-0J30$ODL>o=hM}$r<B9T$7$^$9!#(B
>
>$B$3$N;~!"%"%I%l%9%P!<$KD>@\(BB.php$B$N(BURL$B$rF~NO$7$F$b%(%i!<MQ(Bhtml$B$rI=<($7$^$9$,!"(B
>$B0J2<$N<j=g$@$HDL>o=hM}$r<B9T$7$F$7$^$$$^$9!#(B
>$B!!-!(BA.php$B$rI=<((B
>$B!!-"(BA.php$B$N%=!<%9$r%m!<%+%k%U%)%k%@$X$=$N$^$^%3%T!<!J(Bxxxx.html$B!K(B
>$B!!-#(Bxxxx.html$BFb$N(Blocation.href$B$K(BA.php$B$N(BURL$B$r(BB.php$B$KCV49$($?$b$N$K>e=q$-(B
>$B!!-$(BA.php$B$OI=<($7$?$^$^$G!"(Bxxxx.html$B$r3+$-%j%s%/$r%/%j%C%/$9$k$H(BB.php$B$NDL>o=hM}$,<B9T$5$l$F$7$^$$$^$9!#(B
>
>B.php$BB&$GCM$N%A%'%C%/$O9T$C$F$$$k$N$G$9$,!"$3$N$h$&$J;v$,$G$-$k$3$H;vBV$KLdBj$OL5$$$N$G$7$g$&$+!)(B
>$BLdBj$,$"$k$H$9$l$PBP=hK!$r65$($FD:$1$J$$$G$7$g$&$+!#(B
>$B$h$m$7$/$*4j$$$7$^$9!#(B
>
>
>



PHP-users メーリングリストの案内