that would work but wouldnt it be impractical?mat106 wrote:It doesn't need to know which OTP to use since it runs through all values of OTP usingCode: Select all
while($row = mysql_fetch_array($get_OTP, MYSQL_BOTH))
Sessions and security
Moderator: General Moderators
If you were expecting hundreds of visitors and all at the same time then yes it would be impractical but i'm only expecting a small number of users at any given moment and as i've mentioned they all have the same username and password (due to the nature of the project) so no.
I'm more troubled at the moment by the fact that the script doesn't work rather than the practicality!! Can you (or anyone) see why this is the case?
I'm more troubled at the moment by the fact that the script doesn't work rather than the practicality!! Can you (or anyone) see why this is the case?
- Maugrim_The_Reaper
- DevNet Master
- Posts: 2704
- Joined: Tue Nov 02, 2004 5:43 am
- Location: Ireland
You haven't sent me a PM.Maugrim_The_Reaper wrote:See my PM.
The salt is different for each user. Each user gets a uniques salt when they visit (or refresh) the login page which is meant to get stored in the database. But as i've said none of this is actually the problem (at the moment). The problem is that 2147483647
- Maugrim_The_Reaper
- DevNet Master
- Posts: 2704
- Joined: Tue Nov 02, 2004 5:43 am
- Location: Ireland
The session_id is fixed for all users once they visit any page where session_start() is called. It is different for all users, so can be used as a temporary unique ID. Sessions allow data to be carried from page to page by the server without resorting to cookies or hidden form fields or GET appendages.
lol..I sent a PM to someone...wrong link maybe? In any case see the tutorial attached to mein sig.
lol..I sent a PM to someone...wrong link maybe? In any case see the tutorial attached to mein sig.