Good luck with learning PHP, here some tips.
This is your 'beveiliging.php' in the housekeeping:
PHP Code:
if($userinfo['rank'] < 5) {
Header("Location: ../ingelogd");
}
So, what would happen if I disable the location header? It would do let me create a news message if I want to, haha. Put a exit; into the end of a header("Location: "); otherwise, it would be vulnerable =P.
Maybe some other useful tips,
1. Use a template engine such as smarty or raintpl.
2. use require for important files such as configuration files.
3.
PHP Code:
$gebruikersnaam = $_SESSION['gebruikersnaam'];
Maybe you need to check if the session ['gebruikersnaam']; exists, before you create the session? Could lead to E_NOTICE messages. I guess that's why you're using error_reporting(0); =P.
4. You put a query in the global file, so every page you're loading, there will be one query executed? Could be done better.
There is much more I can say, but I guess you have enough now.
Goodluck!
Originally Posted by MerijnZ
