Jump to content

Securing a cookie?


3raser

Recommended Posts

I was told that my login page could easily be manipulated to set themselves as my username (Mod Justin), giving them powers. How can I further secure my website's use of cookies?

 

I just visited your site as you - Mod Justin, simply by setting a 'user' cookie for your domain with your username in it.

 

Your login code is NOT effective at stopping anyone or any bot script from impersonating any of the users, even impersonating you.

 

My login code:

 

http://pastebin.com/cBLybGKq

 

Any possible solution to this?

Link to comment
Share on other sites

In your previous thread about your site being hacked/login code, someone provided a specific keyword/member search on the forum that would give you information on how to secure the login/remember-me cookie. Did you read through the replies in your previous thread?

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.