Jump to content

preg match sessions


AdRock

Recommended Posts

I am have some sessions registered and I want to compare them with values from a database to check if they have been tampered with. 

 

This is becuase I am creating sessions from cookies and if anyone has tampered with the cookies, then the sessions will eventually be unset after they have be compared with what's in the database.

 

I have part of a function which i want to know if it is correct or not to compare what is in the sessions with what is in database

 

$items = array();
    while ($row = $result->fetch()) {
	$items = array(
		'user_id' => $row['userid'],
		'username' => $row['username'],
		'email' => $row['email'],
		'user_level' => $row['user_level'],	
		'encrypted_id' => md5($row['userid']),
		'encrypted_name' => md5($row['username']),
		'encrypted_email' => md5($row['email']),
		'encrypted_user' => md5($row['user_level'])
		)
}
$session_array = array(
	$_SESSION['userid'],
	$_SESSION['username'],
	$_SESSION['password'],
	$_SESSION['username'],
	$_SESSION['email'],
	$_SESSION['encrypted_id'],
	$_SESSION['encrypted_name'],
	$_SESSION['encrypted_pass'],
	$_SESSION['encrypted_email'],
	$_SESSION['encrypted_user']
)

if(preg_match_all($session_array, $items)) {
	return true;
}

Link to comment
https://forums.phpfreaks.com/topic/151628-preg-match-sessions/
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.