Re: is it safe to store a cookie user id as a login for my site — PHP Programming Language

You are here: Re: is it safe to store a cookie user id as a login for my site « PHP Programming Language « IT news, forums, messages

Posted by Mike Roetgers on 02/16/07 10:27

monomaniac21 schrieb:
> hi
>
> i have a php site which allows users to save a cookie on their
> computer which stores their user id details and allows them to auto-
> login.
>
> i'm wondering whether this is safe, is it possible for a malicious
> user to find that cookie and change its value and therefore auto-login
> as someone else? and if so how can this be prevented?
>
> thanks
>
> marc
>
You could store one half of the user's password hash in the cookie. When
he come back, you compare it to the hash in the db. Works for me :-)

Navigation:

Next in forum: php files downloading
Prev in forum: Re: is it safe to store a cookie user id as a login for my site
Thread view: Re: is it safe to store a cookie user id as a login for my site

[Reply to this message]

Удаленная работа для программистов • Как заработать на Google AdSense • England, UK • статьи на английском • PHP MySQL CMS Apache Oscommerce • Online Business Knowledge Base • DVD MP3 AVI MP4 players codecs conversion help

Home • Search • Site Map • Set as Homepage • Add to Favourites

Сайт изготовлен в Студии Валентина Петручека —
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация