PHP Security

[Siggles]

Hi, I have used a user login system on my website that uses a MySQL database. To stop users seeing pages that they shouldn't I am using code such as

 

if(!$session->isAdmin()){

  header("Location: index.php");

}

else{

 

at the top of the page. Is this security enough? Is there ways around this for users / hackers?

 

Also if the site uses sessions and one account is used to connect to the dbase (for example in the config.php file) and that account in theory can do anything to the database, are there ways for users to run sql commands they shouldn't. I have a phpbb.com message board on another site and I know that uses one account to access the dbase so I know it can work this way.

 

Any advice would be appreciated before I make the site live.

[haku]

I cant see the structure of your cookie, but lets imagine you have a session variable called 'authorization'. That has the ability to be set to 'user', 'mod' and 'admin'. Now, I don't know if this is how you have it set up right now, but it looks like it might be.

 

If I am a user, and I hack into the session variable, I will see that it says I am a user. So I take a wild guess, change my variable to say 'admin', and bam, I have access to your site as an admin.

 

You should save 'mod' and 'admin' variables as separate variables, rather than only using one variable for all three. On top of this, you should use names that can't be guessed for these cookies, or a person may see a variable 'user-> true' and set 'mod -> true'.

 

php session variables are apparently one of the main ways hackers try to hack sites.