!isset

"shadowshifter" <ol***********@googlemail.comwrote in message
news:11**********************@i42g2000cwa.googlegr oups.com...

Hello,

does anybody know what the use of the exclamation mark in "!isset" is?

It is one of the basic operators, it performs a boolean NOT operation to
given value. Ie. if the value is FALSE, the NOT operator will make it TRUE,
and vice cersa, TRUE will become FALSE

It seems that the script below is only willing to work properly if used
without "!".

You are completely changing the functionality of the script to something it
was never intended.

extract($_SESSION);
if(!isset($password))
die ("Access denied");

This horrible piece of script registers all session variables as variables,
then checks weather the session variable called 'password' exists,
assumingly it is only present once the user has logged in. If it does not
exists, the script stops giving the error message 'access denied'. Once you
remove the exlamation mark, you are no longer checking weather the user is
logged in or not - in fact you are throwing out anyone who is. If this is
what you want, then you can remove the entire section of code if it is all
the same to you. Not that it was really secure in the first place...

--
"Ohjelmoija on organismi joka muuttaa kofeiinia koodiksi" - lpk
http://outolempi.net/ahdistus/ - Satunnaisesti päivittyvä nettisarjis
sp**@outolempi.net | rot13(xv***@bhgbyrzcv.arg)

Thank you for your answer. The problem occurred in an internal
information system, accessible by only a few users. There is another
virtual host running, which needed the php.ini's session parameters
adapted. Since then the first authentication of the information system
is indeed able to authenticate the user/password and to redirect into
the "odd" script which comes up with the "access denied" message
lately.

Anyway, the only protected function is an index-update, so I won't
spend much more time on the matter.

"shadowshifter" <ol***********@googlemail.comwrote in message
news:11**********************@i42g2000cwa.googlegr oups.com...

Hello,

does anybody know what the use of the exclamation mark in "!isset" is?

It is one of the basic operators, it performs a boolean NOT operation to
given value. Ie. if the value is FALSE, the NOT operator will make it TRUE,
and vice cersa, TRUE will become FALSE

It seems that the script below is only willing to work properly if used
without "!".

You are completely changing the functionality of the script to something it
was never intended.

extract($_SESSION);
if(!isset($password))
die ("Access denied");

This horrible piece of script registers all session variables as variables,
then checks weather the session variable called 'password' exists,
assumingly it is only present once the user has logged in. If it does not
exists, the script stops giving the error message 'access denied'. Once you
remove the exlamation mark, you are no longer checking weather the user is
logged in or not - in fact you are throwing out anyone who is. If this is
what you want, then you can remove the entire section of code if it is all
the same to you. Not that it was really secure in the first place...

--
"Ohjelmoija on organismi joka muuttaa kofeiinia koodiksi" - lpk
http://outolempi.net/ahdistus/ - Satunnaisesti päivittyvä nettisarjis
sp**@outolempi.net | rot13(xv***@bhgbyrzcv.arg)