我正在开发一个 ASP.NET 项目,下面是相关的代码块。请告诉我这段代码能否防范黑客攻击?这样写算是安全编码吗?
public partial class Admin_frmFeesDtls : System.Web.UI.Page
{
// Helper object used by this page; Page_Load hands it a SQL string and a grid
// control through FillGrid.
// NOTE(review): the field is static, so one Common instance is shared by every
// request and every user served by the application. Confirm that Common keeps no
// per-request or per-user state (open connections, cached results, user ids).
static Common cmn = new Common();
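/// <summary>
/// Gates the admin fee-details page and, on the first (non-postback) load,
/// focuses the head-name box and fills the fee grid.
/// </summary>
/// <param name="sender">Event source supplied by the page life cycle.</param>
/// <param name="e">Event data supplied by the page life cycle.</param>
protected void Page_Load(object sender, EventArgs e)
{
    // Read the role defensively: a missing "Role" entry must lead to the login
    // page, not to a NullReferenceException from calling ToString() on null.
    object roleValue = Session["Role"];
    string role = roleValue == null ? null : roleValue.ToString();

    // The authentication AND role checks run on every request. Previously the
    // role was verified only when !IsPostBack, so a postback from a signed-in
    // non-admin session reached the page's event handlers without any role check.
    bool isSignedIn = Session["Uid"] != null;
    bool isAdmin = string.Equals(role, "ADMIN", StringComparison.Ordinal);
    if (!isSignedIn || !isAdmin)
    {
        Response.Redirect("AdminLogin.aspx");
        // Redirect(url) ends the response by default; the explicit return keeps
        // the control flow obvious and safe if that overload is ever changed.
        return;
    }

    if (!IsPostBack)
    {
        SetFocus(txtHeadNM);
        // The query is a constant literal; no request data is concatenated into it.
        cmn.FillGrid("SELECT FM_CODE,FM_HEAD,FM_AMOUNT,FM_STS FROM FEE_DTLS WHERE FM_STS='Y' ORDER BY ENTRY_DT DESC ", grdDept);
    }
}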
这可能属于codereview.stackexchange.com – LittleBobbyTables
会话劫持就是一种可能的攻击方式:http://en.wikipedia.org/wiki/Session_hijacking –