Re: [PHP] php session in ie — PHP — IT news, forums, messages

You are here: Re: [PHP] php session in ie « PHP « IT news, forums, messages

Posted by "Richard Lynch" on 11/11/05 20:23

He's not storing the password in a Cookies.

He's storging it in a $_SESSION

Which is still a Risk, especially on a shared server, but it's not
necessarily in the category of "Never do this"

On Fri, November 11, 2005 9:48 am, Stephen Leaf wrote:
> For security.. *never* store the password in a cookie..
> if you must... instead do some sort of encryption on it and some other
> value
> store that and use it for verification.
>
> On Friday 11 November 2005 05:43 am, sunaram patir wrote:
>> Hi, i am having problem with internet explorer. i am working on a
>> project on building a website where i need to keep track of the
>> users
>> i.e. i use a login system in there in short. with the following code
>> i
>> check whether the user is logged in or not.
>> <?php
>> session_start();
>>
>> $_SESSION['myurl']=$_SERVER['PHP_SELF'];
>> if(!isset($_SESSION['student_username']) &&
>> !isset($_SESSION['student_password']))
>> header("Location: login.php");
>> ?>
>>
>> if the user is not logged in, it redirects to the login page
>> login.php
>> as is shown in the above code. now the user is allowed to log in
>> through the following code:
>>
>>
>> <?php
>> session_cache_limiter('private_no_expire');
>> session_set_cookie_params(0,"/","schools.zenrays.com");
>> session_start();
>> $auth=false;
>> ................
>> ................
>> ................
>>
>> if($auth){
>> $_SESSION["student_username"]=$Effectivelogin;
>> $_SESSION["student_password"]=$pass;
>> if(isset($_SESSION['myurl']))
>> header("Location:
>> http://schools.zenrays.com".$_SESSION['myurl']); else
>> header("Location: http://schools.zenrays.com/students");
>>
>> }
>>
>> it works fine in firefox and msn explorer. in internet explorer,
>> when
>> i visit to a
>> link in any page it asks for the login details again. could anyone
>> please help me out?!
>> regards,
>> sunaram
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>

--
Like Music?
http://l-i-e.com/artists.htm

Navigation:

Next in forum: Re: [PHP] php session in ie
Prev in forum: Changing databases from MySQL to Oracle
Thread view: Re: [PHP] php session in ie

[Reply to this message]

Удаленная работа для программистов • Как заработать на Google AdSense • England, UK • статьи на английском • PHP MySQL CMS Apache Oscommerce • Online Business Knowledge Base • DVD MP3 AVI MP4 players codecs conversion help

Home • Search • Site Map • Set as Homepage • Add to Favourites

Сайт изготовлен в Студии Валентина Петручека —
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация