Welcome Guest, Not a member yet? Register   Sign In
Uber-simple login script...
#3

[eluser]Tim Skoch[/eluser]
Thanks!

The JavaScript idea sounds fun.

I don't understand how someone could tamper with a $_SESSION[] variable, though. When PHP uses sessions, the only thing it sends to the user is their session ID - it stores all of the data on the server (at least that's what I understood - but I've been wrong before!). Hence, all they could POTENTIALLY do is spoof a session which wasn't theirs. But I don't think they can inject arbitrary data into the $_SERVER variables.

Anyway, thanks for the input! :-)


Messages In This Thread
Uber-simple login script... - by El Forum - 10-14-2008, 10:08 AM
Uber-simple login script... - by El Forum - 10-14-2008, 03:29 PM
Uber-simple login script... - by El Forum - 10-14-2008, 03:58 PM
Uber-simple login script... - by El Forum - 10-14-2008, 06:04 PM
Uber-simple login script... - by El Forum - 10-14-2008, 07:06 PM
Uber-simple login script... - by El Forum - 10-15-2008, 01:06 AM
Uber-simple login script... - by El Forum - 10-15-2008, 07:32 AM



Theme © iAndrew 2016 - Forum software by © MyBB