cs.punk Posted October 22, 2009 Share Posted October 22, 2009 Try this out for yourself with cookies turned off freaky.php <?php session_start(); $_SESSION['number'] = 3; $_SESSION['key'] = time(); $key = "{$_SESSION['key']}"; if ($key == "") {die("You will never know #1") ; } else {echo "HUH?@!??????????????????????" . $key; print_r ($_SESSION); } ?> ... I am trying to make a 'sql querier' file... Protected by a password... I know this is rather pointless but I still feel to continue . And that if cookies is turned off it kinda well not really protects me from a brute force attack... Although whats there to protect?... Quote Link to comment Share on other sites More sharing options...
trq Posted October 22, 2009 Share Posted October 22, 2009 Your point? You haven't left the same page. Quote Link to comment Share on other sites More sharing options...
Mchl Posted October 22, 2009 Share Posted October 22, 2009 With cookies turned of sessionid is put into url anyway. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.