Page 2 of 2
Posted: Wed Jan 31, 2007 12:38 am
by gavin1996
You can limit a domain:
setcookie("cookie_name","cookie_value","abc.com");
Posted: Thu Feb 01, 2007 3:40 pm
by Mad0Driver
Okay, please correct me if i'm wrong- but this is what i need to do (I think).
I need to add an additional column to one of the phpbb tables, and i need to have the login function set $xvariable, which needs to be a radomly generated # with an expiration date of ~10-15 seconds.
I beleive that phpbb uses $user_ip to get the users IP address and then hashes it, i would need to create a script that verified the persons ip address where $xvariable (from the URL) = $xvariable (from the db).
If so, i could then continue on with the rest of the normal scripts for obtaining the user information, etc. My one last question is about phpbb, if i want the cookies to show up, i need to install phpbb to secureexample.com, correct? i dont want to because that would mean that all forum info would be on the secrue server as well.
Thanks,
Austin
Posted: Thu Feb 01, 2007 5:33 pm
by Kieran Huggins
Give it a try and see how it goes! (I'd use a separate table though...)
Posted: Tue Feb 06, 2007 1:36 pm
by Mad0Driver
I had an additional thought. I have been working on this and i was wondering-
When i sign in, the first page i'm redirected to has me as "logged in" and there is a sessid in the URL. Could i simply query the URL for the info and then store that into a cookie? Is there a chance that someone else could interfere with an immediate redirection? if they immediately went to page x that got the value of the sessid in the url and then got the other information, then redirected me to page y, would that be okay?
Thanks