steviez Posted April 7, 2008 Share Posted April 7, 2008 Hi, I have created a login script for my site, it uses cookies to store the users username and userid then one to tell the scripts if they are logged in. What i would like to know is... Are cookies a secure way to log a user in? can they be be got arround so anyone can log in as any user? Any help would be great! Thanks Link to comment https://forums.phpfreaks.com/topic/99902-login-script-help/ Share on other sites More sharing options...
p2grace Posted April 7, 2008 Share Posted April 7, 2008 I wouldn't recommend saving any information that isn't encrypted in a cookie. Instead save the insecure information in sessions, and save an encrypted var in the cookie that you can call the rest of the data associated to that encrypted data from the db. Link to comment https://forums.phpfreaks.com/topic/99902-login-script-help/#findComment-510882 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.