Re: loosing cookie values in new pages — PHP Programming Language

You are here: Re: loosing cookie values in new pages « PHP Programming Language « IT news, forums, messages

Posted by Bradley Holt on 09/14/05 15:57

First, are you only storing user_id in cookies? This sounds like a
security problem. I'm guessing your user_ids are sequential and thus
easily guessed. Someone could easily create a fake cookie with a
guessed user_id and now have access to your system. You'll want to
create some sort of randomly generated md5 hash which is a lot harder
to guess (almost impossible). Or, you could just use PHPs built in
session handling which does this for you automatically.

Does this problem only happen on specific computers and not on others?
If so, it sounds like the security settings of the web browsers on
those computers are not allowing cookies.

--
Bradley Holt <bradley.holt@gmail.com>
http://www.gtalkprofile.com/profile/2.html

Navigation:

Next in forum: Re: INSERT into mysql alway make two entries
Prev in forum: Re: Programming for bank
Thread view: Re: loosing cookie values in new pages

[Reply to this message]

Удаленная работа для программистов • Как заработать на Google AdSense • England, UK • статьи на английском • PHP MySQL CMS Apache Oscommerce • Online Business Knowledge Base • DVD MP3 AVI MP4 players codecs conversion help

Home • Search • Site Map • Set as Homepage • Add to Favourites

Сайт изготовлен в Студии Валентина Петручека —
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация