SitePoint Sponsor

User Tag List

Results 1 to 2 of 2

Thread: Login Secure

  1. #1
    SitePoint Zealot
    Join Date
    Mar 2007
    Posts
    106
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Login Secure

    I have built a MEMBERSHIP SYSTEM TO MY SITE. bUT IT IS HARDLY VERY SECURE. bASICALLY WHAT i DO IS SEND PEOPLE OPFF TO A LOGIN PAGE. tHEN THEY ENTER THEIR LOGIN AND PASSWORD. tHATS SECURE. bUT I pass the details of the login to each page through a page parameter eg

    index.php?id=$name

    Once people have logged in then its potentially very insecure. If people copy a url then they are passing on a logged in name eg

    index.php?id=$michaelbirch

    How can you make a login that is secure? One where you can go from one page to another. Also one that spots when you have not logged in. I suppose it could be done by dropping a cookie but I rather wanted to avoid using cookies as a central part oif the system. Many systems exclude the use of cookies.

  2. #2
    SitePoint Enthusiast
    Join Date
    Mar 2002
    Location
    Whistler, Canada
    Posts
    51
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hi there,

    Try using sessions. Start your session using session_start(), then you can save the username and other parameters in $_SESSION. Have a look here for more information about sessions.

    Hope this helps.

    Cheers,
    Pepe


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •