Page 1 of 1

Need help...

Posted: Mon Nov 29, 2010 10:40 am
by amirbwb
hello everyone...
I have some experience in PHP and now i'm trying to create a dynamic website so i've create about 40 pages for my sites and i'm still developping it...
I've learned everything by my self by reading and watching lessons video about PHP&MYSQL wich makes me what to know more and more about using these 2 apps together ... NB:I don't understand english alot so please try to know what i want and helps ...IF SOMEONE WANTS TO REPLY ME A STUDID ANSWER WICH DON'T ACTUALLY IS NOT RELATED TO THIS TOPIC DON'T CONTINUE READING.
So lets get into questions:
first in my login.php i've DONE everything using Dreamweaver. And every thing is ok but i've readed in a lot ok sites about starting session OR cookies when user login.
So i didn't noteced the difference bertween them and i don't actually know wich one i should use...
know that i'm using Adobe Dreamweaver wich is generating everything fore me but. And in Dreamweaver... a session is started when a user login to the site coded in DW. so i've tried a trick of trying to hack my website to see if it's secure or not. so i've concluded that if i create 2 different websites and has the same session variable when user loging, so the user logged in one of the 2 sites can acess to a secure page in the second website (UNDERSTAND ????!!)
EXAMPLE :
firstsite called A
second called B

when logging in to a secure page in A, a session called $_SESSION['C'] is opened;
the session is still vaild (not killed), when i acess to a secure page in website B, the user will enter like if he tyoed his user name and password before entering (I've maked sure that this secure page should have $_SESSION['C'] open, else will be redirected to login.php).

So what should i do?? changing the name of the session (But i don't think that this is the solution ) or any thing else ???

THANKS A LOT FOR ANSWERING THIS QUESTION .. WICH WILL GIVES ME A PUSH IN PHP ..

Re: Need help...

Posted: Mon Nov 29, 2010 11:20 am
by Jonah Bron
The session is still there because it's on the same domain. You need to change the name of the session, so one site A is $_SESSION['A'] and site B is $_SESSION['B'].

Re: Need help...

Posted: Mon Nov 29, 2010 11:33 am
by amirbwb
aha so let's say that facebook.com will open a session called $_SESSION['FBsession'] when logging in.
if i creted this session in my localhost and then accessed to facebook.com/home.php it will display me the content ??
THIS IS AN EXAMPLE ...

Re: Need help...

Posted: Mon Nov 29, 2010 11:50 am
by Jonah Bron
No, because it's on a different domain/server. The session data is stored on the server, not the client.

Re: Need help...

Posted: Mon Nov 29, 2010 12:21 pm
by amirbwb
OK thank bro for your help ... :D :D