lszanto Posted January 11, 2007 Share Posted January 11, 2007 I was just wondering if you know on a site that they set sessions using a certain var for example:[code]$_SESSION['permission'][/code]And you knew if this variable was set to "true" that you could login to the site would you be able to just write you own php script that made a session true like:[code]<?php$_SESSION['permission'] = "true";echo "Session Set.";?>[/code]Or are sessions stored for the site in a certain directory. In which case is it better to double lock the sessions/cookies as in when they login it makes a cookie and session and when they login it gives the variable true to both but encodes the cookie and when you go to each page it checks for both. I didn't know where to post it but yeah thats just some thoughts. Link to comment https://forums.phpfreaks.com/topic/33697-ideas-sessions-and-cookies/ Share on other sites More sharing options...
fert Posted January 11, 2007 Share Posted January 11, 2007 sessions are stored on the server Link to comment https://forums.phpfreaks.com/topic/33697-ideas-sessions-and-cookies/#findComment-158011 Share on other sites More sharing options...
trq Posted January 11, 2007 Share Posted January 11, 2007 Sorry, youve lost me a little. What is your question?Once a user is logged in (yes) you can set a variable to true...[code]<?php $_SESSION['permission'] = true;?>[/code]Then on subsequent pages you can check if they are logged in using...[code]<?php if ($_SESSION['permission']) { // user logged in. }?>[/code] Link to comment https://forums.phpfreaks.com/topic/33697-ideas-sessions-and-cookies/#findComment-158013 Share on other sites More sharing options...
lszanto Posted January 11, 2007 Author Share Posted January 11, 2007 I'm more saying is it possible if a person knows the name of the session variable and what value they need to set it to can they just rig up a script and run it so they have the session stored to the correct value. Link to comment https://forums.phpfreaks.com/topic/33697-ideas-sessions-and-cookies/#findComment-158015 Share on other sites More sharing options...
trq Posted January 11, 2007 Share Posted January 11, 2007 The script would need to be run on your server. Link to comment https://forums.phpfreaks.com/topic/33697-ideas-sessions-and-cookies/#findComment-158017 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.