Security question
Posted
by Syom
on Stack Overflow
See other posts from Stack Overflow
or by Syom
Published on 2010-05-09T07:49:46Z
Indexed on
2010/05/09
9:48 UTC
Read the original article
Hit count: 233
in my cms i have index.php, where client must enter username and password. if they are correct, he'll moove to admin.php, where the cms is.
but now hacker can enter to cms/admin.php, so my security now is awful.
i know, that i can use $_SESSION
variable.
index.php
- i can give some value to $_SESSION['success']:
$_SESSION['success'] = TRUE
, and in admin.php just verify it
admin.php
if($_SESSION['success'] == TRUE)
{
my script here...
}
else header("Location: index.php");
but i want to rich this effect without SESSION. could you give me an idea, how can i do it?
thanks
© Stack Overflow or respective owner