468,278 Members | 1,565 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 468,278 developers. It's quick & easy.

!isset

Hello,

does anybody know what the use of the exclamation mark in "!isset" is?
It seems that the script below is only willing to work properly if used
without "!".

extract($_SESSION);
if(!isset($password))
die ("Access denied");

Thanks!

Nov 8 '06 #1
2 1622
"shadowshifter" <ol***********@googlemail.comwrote in message
news:11**********************@i42g2000cwa.googlegr oups.com...
Hello,

does anybody know what the use of the exclamation mark in "!isset" is?
It is one of the basic operators, it performs a boolean NOT operation to
given value. Ie. if the value is FALSE, the NOT operator will make it TRUE,
and vice cersa, TRUE will become FALSE
It seems that the script below is only willing to work properly if used
without "!".
You are completely changing the functionality of the script to something it
was never intended.
extract($_SESSION);
if(!isset($password))
die ("Access denied");
This horrible piece of script registers all session variables as variables,
then checks weather the session variable called 'password' exists,
assumingly it is only present once the user has logged in. If it does not
exists, the script stops giving the error message 'access denied'. Once you
remove the exlamation mark, you are no longer checking weather the user is
logged in or not - in fact you are throwing out anyone who is. If this is
what you want, then you can remove the entire section of code if it is all
the same to you. Not that it was really secure in the first place...

--
"Ohjelmoija on organismi joka muuttaa kofeiinia koodiksi" - lpk
http://outolempi.net/ahdistus/ - Satunnaisesti päivittyvä nettisarjis
sp**@outolempi.net | rot13(xv***@bhgbyrzcv.arg)
Nov 8 '06 #2
Thank you for your answer. The problem occurred in an internal
information system, accessible by only a few users. There is another
virtual host running, which needed the php.ini's session parameters
adapted. Since then the first authentication of the information system
is indeed able to authenticate the user/password and to redirect into
the "odd" script which comes up with the "access denied" message
lately.

Anyway, the only protected function is an index-update, so I won't
spend much more time on the matter.

"shadowshifter" <ol***********@googlemail.comwrote in message
news:11**********************@i42g2000cwa.googlegr oups.com...
Hello,

does anybody know what the use of the exclamation mark in "!isset" is?

It is one of the basic operators, it performs a boolean NOT operation to
given value. Ie. if the value is FALSE, the NOT operator will make it TRUE,
and vice cersa, TRUE will become FALSE
It seems that the script below is only willing to work properly if used
without "!".

You are completely changing the functionality of the script to something it
was never intended.
extract($_SESSION);
if(!isset($password))
die ("Access denied");

This horrible piece of script registers all session variables as variables,
then checks weather the session variable called 'password' exists,
assumingly it is only present once the user has logged in. If it does not
exists, the script stops giving the error message 'access denied'. Once you
remove the exlamation mark, you are no longer checking weather the user is
logged in or not - in fact you are throwing out anyone who is. If this is
what you want, then you can remove the entire section of code if it is all
the same to you. Not that it was really secure in the first place...

--
"Ohjelmoija on organismi joka muuttaa kofeiinia koodiksi" - lpk
http://outolempi.net/ahdistus/ - Satunnaisesti päivittyvä nettisarjis
sp**@outolempi.net | rot13(xv***@bhgbyrzcv.arg)
Nov 8 '06 #3

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

3 posts views Thread by christian9997 | last post: by
2 posts views Thread by Pedro Fonseca | last post: by
9 posts views Thread by wouter | last post: by
2 posts views Thread by sathyashrayan | last post: by
2 posts views Thread by yawnmoth | last post: by
8 posts views Thread by Giovanni R. | last post: by
9 posts views Thread by arundelo | last post: by
8 posts views Thread by Simon Dean | last post: by
10 posts views Thread by major | last post: by
reply views Thread by Michael Fesser | last post: by
reply views Thread by NPC403 | last post: by
1 post views Thread by MrBee | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.