Login using sessions
Posted: Fri May 22, 2009 12:18 pm
This post was accidentally deleted by the author.
In it, I asked about storing usernames and passwords, authentication using sessions and provided the following example scripts.
My apologies to those reading.
test.php
test2.php
In it, I asked about storing usernames and passwords, authentication using sessions and provided the following example scripts.
My apologies to those reading.
test.php
Code: Select all
<?php
session_start();
//setup HTMLpurifier
require_once 'purafier/library/HTMLPurifier.auto.php';
$purifier = new HTMLPurifier();
//handle input
$quStr = $purifier->purify($_GET["aws"]);
$tok = $purifier->purify($_SESSION['token']);
if($tok != $quStr)
echo'not logged in';
else
echo'logged in';
session_regenerate_id();
$key = md5(uniqid(rand(), TRUE));
$key .= 'AVS1976JER1';
$token = md5($key);
$_SESSION['token'] = $token;
$_SESSION['status'] = 1;
$url = array();
$html = array();
$url['token'] = rawurlencode($token);
$html['token'] = htmlentities($url['token'], ENT_QUOTES, 'UTF-8');
echo $html['token'];
?>
<a href="test2.php?aws=<?php echo $html['token']; ?>">Click Here</a>
Code: Select all
<?php
session_start();
//setup HTMLpurifier
require_once 'purafier/library/HTMLPurifier.auto.php';
$purifier = new HTMLPurifier();
//handle input
$quStr = $purifier->purify($_GET["aws"]);
$tok = $purifier->purify($_SESSION['token']);
$sta = $purifier->purify($_SESSION['status']);
if($tok != $quStr && $sta != 1)
echo'not logged in';
else
echo'logged in';
session_regenerate_id();
$new_sessionid = session_id();
$_SESSION['token'] = $new_sessionid;
?>
<a href="test.php?aws=<?php echo $new_sessionid; ?>">Click Here</a>