Modifying if statement
Does doing something like this create any security issues? It works for what I'm trying to do (allows a user access to their own record and their families records if they are a parent), but I didn't know if there were any risk to adding extra statements to the default rules manager "if" statement.
<?php
if((((isset($_GET['person_id'])) && ($_SESSION['userlogin_id']) !== (($_GET['person_id']))) && (($user_household_id->getColumnVal("household_position") <= 2) && (($user_household_id->getColumnVal("household")) !== ($household_id->getColumnVal("household"))))) && (!WA_Auth_RulePasses("People Directory Manager"))) {
WA_Auth_RestrictAccess("../../../login.php");
}
?>