Re: [PHP-DB] The Ethics and Access of Login

Leif K-Brooks Mon, 28 Oct 2002 21:09:52 -0800

That's a HUGE security flaw! Anyone could send that in a GPC value and get unauthorized access! USE $_SESSION['login'] INSTEAD!!!

Daevid Vincent wrote

Then at the top of each page, just check if they're logged in or not. if( !$login ) { Header("Location: ".$LOGINPAGE."\n\n"); exit; }

--
The above message is encrypted with double rot13 encoding.  Any unauthorized attempt to decrypt it will be prosecuted to the full extent of the law.





--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP-DB] The Ethics and Access of Login

Reply via email to