Jump to content

astricks

New Members
  • Posts

    3
  • Joined

  • Last visited

    Never

Profile Information

  • Gender
    Not Telling

astricks's Achievements

Newbie

Newbie (1/5)

0

Reputation

  1. i cant understand what is the problem. with ssl you just change the http to https.. it doesnt get any more complicated than that (at least for you) i guess that in that particular software (even though i have never used it, so i may be wrong) u just changed the navigation links at the cfg file or in the acp.
  2. i do the same things. i wanted to know if there are any other security holes that may appear (maybe there is some way to create sessions, dunno), and if there are, i should start using session id's in order to verify the users connection. about cookies, well its actually the same because i only create the cookie and do the verification once (and the i just continue using sessions).
  3. i wanted to ask you how should i protect my scripts to prevent hacking to session's and cookies - and no, im not talking about the actual insert queries that requires addslashes and so on. In my cookies i usually just include my password (encrypted) and my UserID - check them with a simple mysql query. The sessions usually just approves that the user has logged in properly,therefore, has only one variable named ie "has_logged_in". are ther any common mistakes that is hould look over? another thing is, how should i use the session.id in order to check for approved login. thanks, ben.
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.