#1 New Coder (joined Aug 2002, PA, 93 posts)

    Header Security Question

    Hi, I have a login script that checks if a user has a correct username and password in a cookie; if it doesn't, I do a

    header("Location: ./login.php");

    I need to know if people can get around the header redirect, so that I can make this in a way that they can't get into my program if they aren't logged in.

    tia

#2 Regular Coder (joined Feb 2003, 101 posts)
    maybe put exit; after your header redirect
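Why that one word matters, as an added example (mine, not code from either poster): `header()` only queues a response header, so without `exit` the rest of the script still runs and its output is still sent to a client that simply ignores the `Location` header. The cookie layout (`user` and `pass`) and the credential table are constructed for the demo.

```php
<?php
// Added example, not code from the thread. Shows that a header() redirect
// without exit is not a gate: the protected content is still produced.

// Constructed credential table for the demo; a real app reads it from a database.
$users = ['alice' => 'secret'];

// Assumes the cookie layout from the original post: "user" and "pass" cookies.
function logged_in(array $cookie, array $users): bool
{
    return isset($cookie['user'], $cookie['pass'])
        && isset($users[$cookie['user']])
        && $users[$cookie['user']] === $cookie['pass'];
}

// BEFORE: header() queues the redirect, then execution simply continues.
// A client that does not follow Location still receives the return value.
function protected_page_before(array $cookie, array $users): string
{
    if (!logged_in($cookie, $users)) {
        header('Location: ./login.php');
        // no exit here: the script falls through to the protected content
    }
    return 'SECRET REPORT';
}

// AFTER: terminate the script right after issuing the redirect.
function protected_page_after(array $cookie, array $users): string
{
    if (!logged_in($cookie, $users)) {
        header('Location: ./login.php');
        exit; // nothing below runs for a client that is not logged in
    }
    return 'SECRET REPORT';
}

// Demonstration with no cookie at all (an anonymous client):
echo protected_page_before([], $users), PHP_EOL; // the leak: secret content is returned anyway
protected_page_after([], $users);                // exits before reaching the return
```

Run it from the command line (where `header()` is a no-op) and the first call still prints the secret; the second call ends the script before the return statement. The same holds for any code that follows the redirect in the real page: `exit` (or `die`) is what actually stops it.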

#3 raf, Master Coder (joined Jul 2002, 6,589 posts)
    I need to know if people can get around the header redirect, so that I can make this in a way that they can't get into my program if they aren't logged in
    Yes, of course. If you make mistakes or if they steal/create a cookie, they can.

    It all depends on what your code looks like before you do the redirect. If you have a careless or incorrect check there, then they get past it. ('Getting around it' sounds a bit strange --> they can manipulate the cookie (or steal one) so that your conditions and checks that come before the redirect all return True.)
    Or they can just use someone else's computer (with a cookie on it) and walk right in.

    So you'd best encode the values inside the cookie and still require them to log in if they want to perform more dangerous operations or see more sensitive information.


    A special case is shared hosting. A server can only read cookies that it set, but if another application on the same server sets a cookie with the same name ... so it's not completely impossible that someone who wants to hack in just takes an account on the same machine and sets a cookie on his own client with the same names as yours and then logs in on your app.
    Or if you run 2 applications on a subdomain (free/low budget hosting etc.) then this becomes more of an issue to look into.

    If you encode the values with a user-specific salt, that you store in the user table, then that becomes quite hard (well, it'll require quite some computation power anyway) and it should then be sufficiently secure for the data/services you want to protect (for stuff like a forum or so, it can be considered sufficient; for ecommerce or so, it's not sufficient).
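One way to put raf's advice into code, as an added example (my code, not raf's or the original poster's): the cookie carries the user name and an issue time, and is signed with an HMAC whose key is derived from a server-wide secret plus the per-user salt stored in the user table. A cookie set by another application on the same host under the same name, or one copied from another user, fails verification because that key is never in the cookie. The gate then redirects and exits, and "sensitive" pages additionally demand a recent login, which is raf's point about still requiring them to log in for dangerous operations. The constants, cookie layout, field separator and helper names are my assumptions; the user table and salt are constructed for the demo.

```php
<?php
// Added example, not code from the thread: a signed login cookie keyed with a
// server secret plus a per-user salt, plus a gate that exits after redirecting.

const SERVER_SECRET = 'constructed-demo-secret-replace-me'; // placeholder; keep the real one out of the web root
const SESSION_TTL   = 3600; // seconds a cookie stays valid at all
const FRESH_WINDOW  = 300;  // seconds within which a login still counts as "fresh"

// Constructed user table. The salt is random and per user; rotating it
// invalidates every cookie that user holds, on every machine.
$users = [
    'alice' => ['salt' => bin2hex(random_bytes(16))],
];

// Per-user signing key: HMAC of the user's salt under the server secret.
function cookie_key(string $user, array $users): ?string
{
    if (!isset($users[$user])) {
        return null;
    }
    return hash_hmac('sha256', $users[$user]['salt'], SERVER_SECRET, true);
}

// Cookie value layout (assumed): user|issued_at|hmac
function issue_cookie(string $user, array $users, int $now): ?string
{
    $key = cookie_key($user, $users);
    if ($key === null) {
        return null;
    }
    $payload = $user . '|' . $now;
    return $payload . '|' . hash_hmac('sha256', $payload, $key);
}

// Returns ['user' => ..., 'issued' => ...] for a valid cookie, null otherwise.
function verify_cookie(?string $value, array $users, int $now): ?array
{
    if ($value === null) {
        return null;
    }
    $parts = explode('|', $value);
    if (count($parts) !== 3) {
        return null;
    }
    [$user, $issued, $mac] = $parts;
    if (!ctype_digit($issued)) {
        return null;
    }
    $key = cookie_key($user, $users);
    if ($key === null) {
        return null; // unknown user: no key, so no forgery can verify
    }
    $expected = hash_hmac('sha256', $user . '|' . $issued, $key);
    if (!hash_equals($expected, $mac)) { // constant-time comparison
        return null;
    }
    if ($now - (int) $issued > SESSION_TTL) {
        return null; // expired
    }
    return ['user' => $user, 'issued' => (int) $issued];
}

// Page gate. $sensitive pages also require a login within FRESH_WINDOW.
function require_login(array $cookie, array $users, int $now, bool $sensitive = false): array
{
    $session = verify_cookie($cookie['auth'] ?? null, $users, $now);
    if ($session === null || ($sensitive && $now - $session['issued'] > FRESH_WINDOW)) {
        header('Location: ./login.php');
        exit; // the redirect alone is not a gate; nothing below runs
    }
    return $session;
}

// Demonstration with constructed values:
$now    = time();
$good   = issue_cookie('alice', $users, $now);
$forged = 'alice|' . $now . '|' . str_repeat('0', 64); // same field names, no key
var_dump(verify_cookie($good, $users, $now) !== null);   // genuine cookie: accepted
var_dump(verify_cookie($forged, $users, $now) === null); // forgery: rejected
var_dump(verify_cookie($good, $users, $now + 7200) === null); // stale cookie: rejected
```

On a real login the value from `issue_cookie()` would be sent with `setcookie()` using the `httponly`, `secure` and `samesite` options so scripts and plain-HTTP requests cannot read or leak it. Note that this scheme only proves the cookie was minted by your server for that user; it does nothing against a cookie stolen from a logged-in browser, which is why the `FRESH_WINDOW` re-login check exists for the operations that matter most.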
