1 Replies - 519 Views - Last Post: 02 September 2012 - 03:17 AM Rate Topic: -----

#1 adn258  Icon User is offline

  • D.I.C Addict

Reputation: 11
  • View blog
  • Posts: 761
  • Joined: 31-August 11

Is It Important In a Login System To Protect Action PHP Pages?

Posted 02 September 2012 - 02:49 AM

In other words using a <form and there's an action in another php page that uses the $_POST etc. If you are using a login system with sessions if there is sensitive stuff that could be gotten from that page or even if there isn't is it important to protect that action php page by checking to see if the user accessing that page is in session i.e. logged in? Otherwise I'd assume it's a security risk because hackers could type in the php action page or try to post things to it is this correct? I don't know so thanks in advance guys.

Is This A Good Question/Topic? 0
  • +

Replies To: Is It Important In a Login System To Protect Action PHP Pages?

#2 RudiVisser  Icon User is offline

  • .. does not guess solutions
  • member icon

Reputation: 1003
  • View blog
  • Posts: 3,562
  • Joined: 05-June 09

Re: Is It Important In a Login System To Protect Action PHP Pages?

Posted 02 September 2012 - 03:17 AM

I'm not sure exactly what you're asking here.

If you have a login page and actions that require you to login before you use them, then of course you should protect them by using a session or whatever other means of protection you deem necessary.

Any "protected" actions shouldn't be able to run without a valid login, hence the whole point of a login :)

Sorry if you're asking something else, but it doesn't seem clear to me.
Was This Post Helpful? 1
  • +
  • -

Page 1 of 1