Re: [PHP] Help with login

On Fri, Jun 27, 2008 at 1:36 PM, Richard Heyes <[EMAIL PROTECTED]> wrote: >> if (isset($_COOKIE["auth"]) && !isset($_GET["page"])) >>{ >>include($GLOBALS['admin_index']); >>die(); >>} > > Your script is awfully insecure. $_COOKIE is user supplied, so in if I hand > craft a request,

Re: [PHP] Help with login

if (isset($_COOKIE["auth"]) && !isset($_GET["page"])) { include($GLOBALS['admin_index']); die(); } Your script is awfully insecure. $_COOKIE is user supplied, so in if I hand craft a request, I could just send an auth cookie which is set to 1. Relying on people not knowing is n

Re: [PHP] Help with login

At 8:37 AM -0400 6/27/08, Dan Shirah wrote: > Hey, I think this should be working but it doesn't seem to be. $_GET["page"] $_SERVER['PHP_SELF'] What is the error message you are getting? And, why are you using different quotes throughout all of your script? I believe you should use si

Re: [PHP] Help with login

> > Hey, I think this should be working but it doesn't seem to be. > > $_GET["page"] > $_SERVER['PHP_SELF'] What is the error message you are getting? And, why are you using different quotes throughout all of your script? I believe you should use single quotes for all of your server generated

[PHP] Help with login

Hey, I think this should be working but it doesn't seem to be. Administrator Login Username: Password:

Re: [PHP] Help with login/redirect/insert to dbase

I think you better describe your question here and wait for the world to answer. -- Maxim Maletsky [EMAIL PROTECTED] "Karl James" <[EMAIL PROTECTED]> wrote... : > Hello guys > > Happy thanksgiving!!! > > My question is > I'm Trying to apply this code to what I have done already on my sit

[PHP] Help with login/redirect/insert to dbase

Hello guys Happy thanksgiving!!! My question is I'm Trying to apply this code to what I have done already on my site http://robouk.mchost.com/tuts/tutorial.php?tutorial=login1 my site is this. http://www.ultimatefootballleague.com Im trying to do