Hi,
I'm currently testing out on how to implement session fixation using PHP. No worry, I'm not trying to hack, it's an assignment given by school to let us have a better understanding on how session fixation works.
Anyway, back to topic, I'm suppose to code a vulnerable website and do a session fixation on it. I've manage to successfully try out session fixation on the following code which is a single webpage (test.php) by doing http://localhost/test.php?PHPSESSID=1234 :
<?php
session_start();
if (!isset($_SESSION['visits'])) {
$_SESSION['visits'] = 1;
} else {
$_SESSION['visits']++;
}
echo $_SESSION['visits'];
?>
However, when I tries to code a simple login website which contains 3 webpages [1 - the login form page (login.php), 2 - the validation page (validate.php), 3 - the member page (member.php)], I found that it is unable to pass the fixed session ID from one page to another when I do http://localhost/login.php?PHPSESSID=abc . In short, it seems to me that the server failed to register the session ID fixed by me and pass on to the next web pages.
The simple login website works like this: User enter login.php, after user submit the login form, the form is sent to validate.php for verification. If submitted user information is correct, it will stores the user name into $_SESSION['user'] from $_GET["user"]; and it will redirect the user to member.php which will then retrieve the username from $_SESSION['user'] and display it.
I've been thinking for a day but I still can't figure out the reason why it did not work.
Thanks