Posted by Rik on 10/27/06 13:38

laredotornado@zipmail.com wrote:
> If data is POSTed to a PHP page (say form_response.php) and the
> request
> is first intercepted by accesscontrol.php, if I determine that the
> user
> is logged in and then have a line
>
> include($requested_file) (as I believe was in your example)
>
> will the POSTed request still be in tact for processing by
> form_response.php?


Well, I simple test could have told you that, but yes, it will be available
(contrary to redirects done with header('Location: etc..');, this
redirection is done internally in the webserver and will make the POST (and
COOKIE & FILES) available to the script).

Be sure though, that the file that is requested is indeed one of your
locally hosted trusted files.
--
Rik Wasmus

[Back to original message]