php - Protecting admin page without database

829

Lets say I have a page called protected.php . Is it safe to do something like this:

<?php 
if( $_GET["id"]=="a_very_hard_number")){
     continue script;
} else{
    echo  dont_hack_me; 
}   

So if I want to access the page myself, I will visit the page using the URL:www.mysite.com/protected.php?id=a_very_hard_number. I just want to know if this is safe. Since the ID is only known to me, is there any other way to bypass this?

16

Answer

Solution:

I think you should use the PHP Header Authentication instead of this.

Checkout its documentation as below.

http://php.net/manual/en/features.http-auth.php Checkout Example #2 from there.

Hope it will solve your queries.

People are also looking for solutions to the problem: cakephp 2.7 - Is there a way in PHP to do something just after the return statement ..?

Source

Didn't find the answer?

Our community is visited by hundreds of web development professionals every day. Ask your question and get a quick answer for free.

Ask a Question

Write quick answer

Do you know the answer to this question? Write a quick response to it. With your help, we will make our community stronger.

Similar questions

Find the answer in similar questions on our website.