Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 4 of 4
  1. #1
    New Coder
    Join Date
    Jul 2005
    Location
    TN
    Posts
    47
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Problem with PHP login system

    I have a PHP login system on my site. Lately someone has figured out how to change the username on the cookie, therefore, they can be logged into my site as someone else, which, for obvious reasons, is not good. I am not really sure how to keep this from happening. Any help on making cookies more secure would be much appreciated. Thanks!

  • #2
    Regular Coder dniwebdesign's Avatar
    Join Date
    Dec 2003
    Location
    Carrot River, Saskatchewan
    Posts
    845
    Thanks
    15
    Thanked 10 Times in 10 Posts
    If you are not using a password to login to the website it is very unsecure. If there is a password it should compare the username and password in the cookie to the ones in the database before they proceed.
    Dawson Irvine
    CEO - DNI Web Design
    http://www.dniwebdesign.com

  • #3
    Regular Coder
    Join Date
    Dec 2005
    Posts
    346
    Thanks
    1
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by chizu
    I have a PHP login system on my site. Lately someone has figured out how to change the username on the cookie, therefore, they can be logged into my site as someone else, which, for obvious reasons, is not good. I am not really sure how to keep this from happening. Any help on making cookies more secure would be much appreciated. Thanks!
    Post your code here so we can see what is wrong with your script....how are you storing the UN's & PW's?

  • #4
    New Coder
    Join Date
    Jul 2005
    Location
    TN
    Posts
    47
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Right, I do have passwords for logging in, but I don't compare them on each page. Thanks! I have it figured out now!


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •