Changes in use of "empty" command between php4 and php5

Hi, I am trying to upgrade to php5. All features seem to work except the following code. This is used to access my admin. panel. Now I can enter through a back door by uing another routine and then backpaging in the browser which somehow slips around this. I would like to know how i must reword this code to function in php5. Thanks in advance for any help.

Mike (rmharrington)


<?php if (empty($_SESSION["admin"])) redirect("index.php?e=1"); //Single Delete if (!empty($_GET["delid"])) { mysql_query("delete from user_master where `user_id`=" . $_GET["delid"]); redirect($_SERVER["HTTP_REFERER"]); }

The code you posted here should work properly in PHP5. But there might be a problem with this redirect:


Value of HTTP_REFERER is set by browser, and can not be trusted. Try at least to compare this value with script name, and if equal - redirect somewhere else. So that there is no loop of redirects to the same script.

Thanks for the quick answer. Will investigate the redirect. Perhaps this will help.

Sponsor our Newsletter | Privacy Policy | Terms of Service