Session Authentication

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Lets say i have a login system. This system authenticates the user via
mysql, when the user is authenticated, i set a session variable to let the
system know the user is authenticated. ie. $_SESSION["authenticated"] =
true;

Lets also say i know that's how the system works, that a session variable
within my browser is set to true. Could i do this if i knew all this info
and "authenticate" myself by setting the variable from the client side?

If it is possible, what can i do to prevent this or increase security?

[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux