Jump to content

Recommended Posts

Question: Is it possible to use php to make cookies as

secure and tight as a Dog A**!?

 

Example from phpfreaks!! Always stay logged in....

__utma
29981182.1480628556.1178052174.1178133717.1178149801.6
phpfreaks.com/
1600
2350186496
32111674
2568249184
29854996
*
__utmz
29981182.1178052174.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)
phpfreaks.com/
1600
111027328
29891482
1255515376
29854769
*
__utmb
29981182
phpfreaks.com/
1600
3427920000
29855000
2615909184
29854996
*

Link to comment
https://forums.phpfreaks.com/topic/49735-remember-feature-weigh-in-please/
Share on other sites

Question: Is it possible to use php to make cookies secure and tight?

 

Umm... cookies are cookies. No matter how you create them, they are still going to be able to be manipulated. How well you encode and protect your server side data tied to those cookies is up to you. Is it possible to create cookies that mean something to your user and nothing to anyone who may be able to hijack their cookie? Most likely not, unless you are, in addition to the cookie data, checking their IP address against their last known location to make sure they're still within a valid range.

 

I'm afraid this question really needs a bit more explanation to give you anything useful to go try.

sessions (aka server side cookies)

 

I am using this right now, but its a long

ways from completion.

<?php
function check_valid_user()
// see if somebody is logged in and notify them if not
{
  // Check if user has been remembered 
   if(isset($_COOKIE['cookname']) && isset($_COOKIE['cookpass'])){
      $_SESSION['valid_user'] = $_COOKIE['cookname'];
      $_SESSION['password'] = $_COOKIE['cookpass'];
   }

   // Username and password have been set 
   if(isset($_SESSION['valid_user']) && isset($_SESSION['password'])){
      // Confirm that username and password are valid 
      if(login($_SESSION['valid_user'], $_SESSION['password']) != 0){
         // Variables are incorrect, user not logged in 
         unset($_SESSION['valid_user']);
         unset($_SESSION['password']);
         return false;
      }
      return true;
   }
   // User not logged in 
   else{
      return false;
   }
    
}// End of Function
?>

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.