PHP Sessions security.... something
Posted: Tue Feb 19, 2008 3:59 pm
hi, I'm new to php, ... have a question,
it's not a complicated one I guess...
If I have a website, and on every page there is a condition... something like that:
I wonder, if someone on his computer makes a script like this:
<?php
and after that enteres my site...
the script will deny him?
if no, please, what should I make to somehow protect my script....
I guess i need on every page to ask the database if there is such a session with "nickname" with such a "pass", yes?
The Ninja Space Goat - I edited your post to display the proper code bbcode tags for syntax highlighting
thx
If I have a website, and on every page there is a condition... something like that:
Code: Select all
if (isset($_SESSION["nickname"]) and isset($_SESSION["pass"])) {
echo "<html>
... the page....
";
} else {
echo "access denied!";
exit;
}
<?php
Code: Select all
session_start();
$_SESSION['nickname'] = "whatever";
$_SESSION['nickname'] = "whatever";
?>the script will deny him?
if no, please, what should I make to somehow protect my script....
I guess i need on every page to ask the database if there is such a session with "nickname" with such a "pass", yes?
The Ninja Space Goat - I edited your post to display the proper code bbcode tags for syntax highlighting
thx