I don't know of any exploit that can start a session remotely. Only thing I can recommend is that you modify the default session id to prevent local hackers from hijacking your sessions (assuming you're on an ISP and not running your own server). Also you should consider testing those variables more strictly. If you're expecting a specific value or range of values then you should test for that instead. For example if $login is true or false then you should test it directly with if($login=true) since any value other than 0 will automatically evaluate to true.
"Would you recommend adding a separate "check for right user&pass" within the SCRIPT_PART again?"

When you've cleared the user once, why would you need to do it again on the same page? :)

-Kevin

----- Original Message -----
From: "Duncan" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, June 24, 2002 9:53 AM
Subject: [PHP] session_is_registered = secure?

Hi there,

I created a session based login and, in order to enter the selected part of the script, I check for the passed variable and if the session is registered, which only happens if the user password is right. So, currently I am checking for:

else if (($login)&&(session_is_registered('login_user'))) {
...SCRIPT_PART...
}

However, can this be exploited? I mean, would it be possible for a user to forge the "session_is_registered('login_user')" and so gain access to that part of the script? Would you recommend adding a separate "check for right user&pass" within the SCRIPT_PART again?

Regards,
Duncan

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
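An added example (not code from Kevin or Duncan) of the gate written so that it depends only on server-side session state written after the password check, with the non-default session name Kevin recommends; the "passed variable" $login is not consulted at all. check_password() is a hypothetical placeholder for your own user lookup, the session name is a constructed value, and the code assumes PHP 4.1+ for $_SESSION and 4.3.2+ for session_regenerate_id().

```php
<?php
// Added example, not the thread's own code.
// Assumes PHP >= 4.1 ($_SESSION) and >= 4.3.2 (session_regenerate_id()).

session_name('MYAPPSESSID');   // constructed non-default name, per Kevin's advice
session_start();

// Hypothetical placeholder: look $user up in your user store and compare
// the stored password hash. Returns true only on a correct password.
function check_password($user, $pass) {
    return false;
}

// Establishes the login. $_SESSION['login_user'] is set here and nowhere else,
// so it can only be true after a successful password check on the server.
function login($user, $pass) {
    if (!check_password($user, $pass)) {
        return false;
    }
    session_regenerate_id();          // fresh id once the user is authenticated
    $_SESSION['login_user'] = $user;
    return true;
}

// The gate: tests a specific server-side value, never a request parameter.
function is_logged_in() {
    return isset($_SESSION['login_user']) && $_SESSION['login_user'] !== '';
}

if (isset($_POST['user'], $_POST['pass'])) {
    login($_POST['user'], $_POST['pass']);
}

if (is_logged_in()) {
    // ...SCRIPT_PART...
} else {
    // show the login form
}
```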