Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.
<?php
session_start();
// check session variable
if (isset($_SESSION['log'])) {
//content of page
//stuff for logged in user
}
else {
echo "you must log in to see this page";
}
?>
and register_globals is left on, shouldn't an unlogged in (ab)user be able to get access the content of page by passing "?log=1" (or something thereabouts) in a query string?
<?php
session_start();
// check session variable
if (isset($log)) {
//content of page
//stuff for logged in user
}
else {
echo "you must log in to see this page";
}
?>
Hmm...thanks. I've been reading the PHP Security Consortium Security Guide (http://phpsec.org/projects/guide/) section about Sessions and am trying to figure out how the design in my original post could be compromised...is there an obvious way to crack it that I don't see??