Ideas, sessions and cookies.

[lszanto]

I was just wondering if you know on a site that they set sessions using a certain var for example:
[code]$_SESSION['permission'][/code]
And you knew if this variable was set to "true" that you could login to the site would you be able to just write you own php script that made a session true like:
[code]<?php

$_SESSION['permission'] = "true";
echo "Session Set.";

?>[/code]

Or are sessions stored for the site in a certain directory. In which case is it better to double lock the sessions/cookies as in when they login it makes a cookie and session and when they login it gives the variable true to both but encodes the cookie and when you go to each page it checks for both. I didn't know where to post it but yeah thats just some thoughts.

[fert]

sessions are stored on the server

[trq]

Sorry, youve lost me a little. What is your question?

Once a user is logged in (yes) you can set a variable to true...

[code]
<?php
  $_SESSION['permission'] = true;
?>
[/code]

Then on subsequent pages you can check if they are logged in using...

[code]
<?php
  if ($_SESSION['permission']) {
    // user logged in.
  }
?>
[/code]

[lszanto]

I'm more saying is it possible if a person knows the name of the session variable and what value they need to set it to can they just rig up a script and run it so they have the session stored to the correct value.

[trq]

The script would need to be run on your server.