I want to write a script that can only be accessed by administrators.
This is what I want to do:
session_start();
if (!isset($_SESSION['user_id'])) { //not logged in
//redirect to homepage
header("Location: http://domain.com/index.php");
die();
}
if ($_SESSION['user_level'] != 1337) { //not admin
//redirect to homepage
header("Location: http://domain.com/index.php");
die();
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') { //form is submitted
//validate the submitted data
//submit the query
}
//form goes here
My question is: is there a better way to validate this (for example, should all three conditions be nested), or is this sufficient?
Cheers,
n1te
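
An added example, not part of the original post: the two access checks from the question folded into one fail-closed guard with a strict comparison, plus a token check on the POST branch so the admin form only accepts submissions that originated from the admin's own session. The names `is_admin()`, `require_admin()`, `csrf_ok()` and the `csrf_token` session key are assumptions made for illustration; the redirect URL and the level 1337 come from the question.

```php
<?php
// Added example, not the poster's code. is_admin(), require_admin(),
// csrf_ok() and the 'csrf_token' session key are hypothetical names.
declare(strict_types=1);

const ADMIN_LEVEL = 1337; // value taken from the question

// Pure decision function: both conditions in one place, no side effects.
function is_admin(array $session): bool
{
    // Missing keys fail closed; === avoids PHP's loose-comparison juggling.
    return isset($session['user_id'], $session['user_level'])
        && (int) $session['user_level'] === ADMIN_LEVEL;
}

// Redirect and stop unless the current session belongs to an admin.
function require_admin(array $session, string $home): void
{
    if (!is_admin($session)) {
        header('Location: ' . $home);
        exit; // nothing below may run for non-admins
    }
}

// Constant-time comparison of the submitted token with the session token.
function csrf_ok(array $session, array $post): bool
{
    return isset($session['csrf_token'], $post['csrf_token'])
        && is_string($session['csrf_token'])
        && is_string($post['csrf_token'])
        && hash_equals($session['csrf_token'], $post['csrf_token']);
}

session_start();
require_admin($_SESSION, 'http://domain.com/index.php');

if (empty($_SESSION['csrf_token'])) {
    $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
}

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    if (!csrf_ok($_SESSION, $_POST)) {
        http_response_code(400);
        exit('Invalid request token');
    }
    // validate the submitted data, then submit the query
}
// form goes here; emit $_SESSION['csrf_token'] as a hidden 'csrf_token' field
```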