php: security question
Posted
by Syom
on Stack Overflow
See other posts from Stack Overflow
or by Syom
Published on 2010-05-09T07:49:46Z
Indexed on
2010/05/09
7:58 UTC
Read the original article
Hit count: 243
php
in my cms i have index.php, where client must enter username and password. if they are correct, he'll moove to admin.php, where the cms is.
but now hacker can enter to cms/admin.php, so my security now is awful.
i know, that i can use $_SESSION
variable.
index.php
- i can give some value to $_SESSION['error']:
$_SESSION['error'] = TRUE
, and in admin.php just verify it
admin.php
if($_SESSION['error'] == TRUE)
{
my script here...
}
else header("Location: index.php");
but i want to rich this effect without SESSION. could you give me an idea, how can i do it?
thanks
© Stack Overflow or respective owner