Reply to Re: [PHP] php session in ie

Your name:

Reply:


Posted by "Richard Lynch" on 11/11/05 20:23

He's not storing the password in a Cookies.

He's storging it in a $_SESSION

Which is still a Risk, especially on a shared server, but it's not
necessarily in the category of "Never do this"

On Fri, November 11, 2005 9:48 am, Stephen Leaf wrote:
> For security.. *never* store the password in a cookie..
> if you must... instead do some sort of encryption on it and some other
> value
> store that and use it for verification.
>
> On Friday 11 November 2005 05:43 am, sunaram patir wrote:
>> Hi, i am having problem with internet explorer. i am working on a
>> project on building a website where i need to keep track of the
>> users
>> i.e. i use a login system in there in short. with the following code
>> i
>> check whether the user is logged in or not.
>> <?php
>> session_start();
>>
>> $_SESSION['myurl']=$_SERVER['PHP_SELF'];
>> if(!isset($_SESSION['student_username']) &&
>> !isset($_SESSION['student_password']))
>> header("Location: login.php");
>> ?>
>>
>> if the user is not logged in, it redirects to the login page
>> login.php
>> as is shown in the above code. now the user is allowed to log in
>> through the following code:
>>
>>
>> <?php
>> session_cache_limiter('private_no_expire');
>> session_set_cookie_params(0,"/","schools.zenrays.com");
>> session_start();
>> $auth=false;
>> ................
>> ................
>> ................
>>
>> if($auth){
>> $_SESSION["student_username"]=$Effectivelogin;
>> $_SESSION["student_password"]=$pass;
>> if(isset($_SESSION['myurl']))
>> header("Location:
>> http://schools.zenrays.com".$_SESSION['myurl']); else
>> header("Location: http://schools.zenrays.com/students");
>>
>> }
>>
>> it works fine in firefox and msn explorer. in internet explorer,
>> when
>> i visit to a
>> link in any page it asks for the login details again. could anyone
>> please help me out?!
>> regards,
>> sunaram
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>


--
Like Music?
http://l-i-e.com/artists.htm

[Back to original message]
Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация