Trouble with $_COOKIE
Posted: Fri Aug 28, 2009 2:11 pm
I've just been told that I have a security issue in the way I authorise users on my site, but I have no idea what the problem is or how I can fix it. Here is the code I am using for pages that require the user to be logged in:
I did a quick search for 'PHP cookie exploits' but I couldn't find anything that would help me solve the problem.
Code: Select all
<?php
function AuthUser()
{
if (isset($_COOKIE["user"]))
{
$loggedin = $_COOKIE["user"];
}
else
{
header("Location: /login.php");
}
}
?>