Edited by p0rt at 20:30 CDT, 3 October 2011 - 400465 Hits
function is_admin() {
global $xttables;
if (defined( "COOKIE_IS_ANON" )) {
return (bool)FALSE;
}
if (defined( "COOKIE_IS_ADMIN" )) {
$admintmp = cookiedecode();
$sql = dbquery("select ( aid = '$admintmp[0]' ) from " . $xttables['authors'] . " where pwd = '$admintmp[2]' limit 1");
if ( ! empty( $admintmp ) && mysql_fetch_row( $sql ) ) {
unset( $admintmp, $sql );
return (bool)TRUE;
} else {
cleancookie();
}
unset( $admintmp, $sql );
}
return (bool)FALSE;
} // End Function
no, you live in some shitty php nuke and geocities world where people upload rotating skulls and think their haxors.Made me laugh :D
A driver is software that allows your computer to communicate with hardware or devices
A DLL is a library that contains code and data that can be used by more than one program at the same time.Also note that article also give the example of a "device driver" as a specific sub-class of of DLL that provides access to hardware.
There are lots of different devices that can be attached to your computer. These can include things that are attached to it externally, like printers and monitors, to things that are inside the computer itself, like graphics cards and sound cards.
In order for your computer to be able to use these devices, it needs to know how to communicate with them. This is done by a piece of software called a device driver.
?op=logout&sid=<?php echo session_id(); ?>2. Check that the $_GET['sid'] matches session_id()
if( $_GET['sid'] == session_id() ) {Example 2: form based actions
// do action
}
<input type="hidden" name="sid" value="<?php echo session_id(); ?>" />2. Check that the $_POST['sid'] matches session_id()
if( $_POST['sid'] == session_id() ) {
// do action
}
URL based session management has additional security risks compared to cookie based session management. Users may send a URL that contains an active session ID to their friends by email or users may save a URL that contains a session ID to their bookmarks and access your site with the same session ID always, for example. (www.php.net/session).Which is pretty easily avoided imo. Just a simple redirect via headers (header('Location: x')) will get rid of this problem. At least for a logout that is. Using sessids in url should be minimal and done only when information is edited via the url (cookies/database).