Code: Select all
if (verify_logon($_POST['username'], $_POST['password']);
$username = $_POST['username'];
$password = $_POST['password'];
dvdbinternet wrote:For a user that wants to do damage it is also possible to make the cookie himself.
I let the user login in on a page and the remember his username and password in the session variables. in other words, I place the username and password in a variable and use "session_register();" with that variable. each time a page is called these variables are available.
you can then check that variable each time if the user has enough acces-rights.
You won't have to check that each time with you're database because you allready did that once (but still, you could check).
When I'm not completely clear, let me know.
Users browsing this forum: No registered users and 1 guest