SitePoint Sponsor

User Tag List

Results 1 to 2 of 2

Thread: Login Secure

  1. Jun 19, 2007 02:20 #1
    unclesirbobby
    unclesirbobby is offline
    SitePoint Zealot
    Join Date
    Mar 2007
    Posts
    106
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Login Secure

    I have built a MEMBERSHIP SYSTEM TO MY SITE. bUT IT IS HARDLY VERY SECURE. bASICALLY WHAT i DO IS SEND PEOPLE OPFF TO A LOGIN PAGE. tHEN THEY ENTER THEIR LOGIN AND PASSWORD. tHATS SECURE. bUT I pass the details of the login to each page through a page parameter eg

    index.php?id=$name

    Once people have logged in then its potentially very insecure. If people copy a url then they are passing on a logged in name eg

    index.php?id=$michaelbirch

    How can you make a login that is secure? One where you can go from one page to another. Also one that spots when you have not logged in. I suppose it could be done by dropping a cookie but I rather wanted to avoid using cookies as a central part oif the system. Many systems exclude the use of cookies.
    http://scarboroughphotos.110mb.com/surfers/surfcity.php
  2. Jun 19, 2007 08:00 #2
    IP-Dope
    IP-Dope is offline
    SitePoint Enthusiast IP-Dope's Avatar
    Join Date
    Mar 2002
    Location
    Whistler, Canada
    Posts
    51
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hi there,

    Try using sessions. Start your session using session_start(), then you can save the username and other parameters in $_SESSION. Have a look here for more information about sessions.

    Hope this helps.

    Cheers,
    Pepe
    Neanderthal Technology
« Previous Thread | Next Thread »

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules