kvarnerexpress
Jul 23 2005, 01:21 PM
| | Alright, so I have an app I forgot I have that was written by a much better/older coder then myself, luckily I am allowed to look through it and it's teaching me a lot...i'm confused about something though...
in the application.cfm page, he has a parameter, "session.admin" it defaults to 0, which makes sense. When you log in, if you are an admin, it changes the session variable to 1...which also makes sense.
Although inside all of the pages that are supposed to be protected (and are protected) by this, I can't seem to find any code that seems to validate for that.
Essentially i'm looking for some kind of if statement checking the session.admin variable, but I can't see anything of the sort...which makes me wonder how in the world is the page secure, but it is.
Is there something i'm missing, or somewhere I should look, some file name that all CF developers use to make a list of protected pages?
Thanks
|
Reply
Similar Topics
Keywords : sessions
- Get User Info True Sessions Or Cookies
need help on this (0)
Something I Discovered With Sessions [php]
(4) Hello All, I've been doing a lot of PHP programming since I last posted here. I've run
across two security related things with sessions that you may or may not know about. The first one
pertains to the session id, or the id that PHP assigns each computer when a session is created.
This id is either stored in a cookie (search for PHPSESSID) or through the URL as GET data.
Remember that all session data is stored server side; this ID is the only thing that PHP will use to
differentiate your computer from someone else's. While I was programming for Plug ....
Php Sessions And Post Variables Issues
My script dosent seem to work as intended (1) You can test it out for yourself at http://sonesay.trap17.com/application.php I've been
working on this page locally and it seems to be working fine but when I upload it to my trap17
account the post variables dont get saved properly. Fill in some fields and submit it, the form
will come up as a empty field yet when you resubmit it without any modifications and the data you
entered in orginally will now magically appear, resubmit it again and it will be gone. This is
really annoying as I have no clue why it would be doing this when it seems to work fine locally.....
<?php ?> Unique Visitors Script
Flat file unique visitors script (no sessions) (2) This is really simple script. Well at least this part is, but it could be extendable. Only problem
is that it's not really for massive websites with hundread of visitors a day, but rather for
small ones. But it is a good script to figure out how to make a visitor counter script. Anyway
here's the snippet. CODE <?php function getVisits($variable) {
$visits = array(); if ($handle =
opendir('stats/')) { while (false !== ($file =
readdir($handle))) { ....
Sessions And Our First Project
Seventh PHP Tutorial (0) Intro To PHP Tutorial 7 - Sessions and Our First Project Released 4/27/07 By Chris Feilbach aka
GhostRider Contact Info: E-mail: assembler7@gmail.com AIM: emptybinder78Yahoo: drunkonmarshmellows
Website: http://www.ghostrider.trap17.com Today, I am going to give us a project to work on
together. I originally had planned that at the end of tutorial that we were going to write Solitare
in PHP, but that seems hard and complex and way beyond of the intended scope of this tutorial.
Perhaps for another tutorial. My friend Laurie reccomended that we write Tic Tac Toe bec....
Using Sessions Instead Of Cookies, Help Please
(1) This is a simple code to register and login.. this uses cookies.. i want to use sessions instead..
can someone tell how i can do it ? config.php CODE <? ob_start(); // allows you
to use cookies $conn =
mysql_connect("localhost","USER","PASSWORD");
mysql_select_db(DATEBASE) or die(mysql_error()); //fill in the above
lines where there are capital letters. $logged = MYSQL_QUERY("SELECT * from users
WHERE id='$_COOKIE[id]' AND password = '$....
Sessions And Login
Without Cookies (5) Hi, I have a login script i made using PHP sessions and MySQL. It works fine but there is a
problem. As you know Sessions are stored in Cookies by PHP. So if someone has switched Cookies off
then no sessions will work. How to solve this problem ? Please help me. Thanks and have a good
day. ....
Session Variables
Sessions in PHP behaving strangely (4) Hi. I am part of a development team working in PHP and MySQL. The site is using SSL, and users
have to log to use the site. When users log in, their important details are retrieved from the
database and stored in session variables (functionality in the site is permissions specific).
Lately, sessions are "disappearing" for no apparent reason. Users will log in, and at some point
(the length of time will vary unpredicatably) the sessions will lose their value (the variables are
empty) and this causes the site to evict the user. This is very frustrating for the user b....
Php Sessions
Multiple users using the same login (2) Hi, I'm realtively new to PHP and I'm considering creating some login functionality.
However I want a group of users to use the same loginname and password. They will be loggin infrom
different machines. The users will know they are sharing the account. Can anyone give me an idea
of what kind of effect this might have on my sessions? Will it create any odd hiccups or other
strange things?....
Sessions
-tutorial- (7) Why Session when I can use Cookies? Because cookies are about 30% unreliable, and that % is rising.
Plus more and more browsers are coming with security and privacy settings that do not allow storing
of cookies on computers. PHP has a great function(s) that have the same results as cookies and more,
plus they are invisible and store information on web server. Session have great capabillity. For
example if you want to have a member system on your website, with session you could identify a
user, user's level and other. Session start function: session_start() Fir....
Sessions
heeeelllllp!!!!!! (8) Hi. Im making a flatfile chatroom. Ive been making it about a month because I dont understand the
sessions. When the user enters the room he/she has to enter a nickname. But when the user enters a
message the chatroom "forgets" the nickname. Ive been messing around with sessions but I cant get em
to work. Session_start(); thingy is in the right place (at the top). Ive looked through about 10
diferent tutorials but they were useless. How do I make it to pass the nickname variable to multiple
pages? And please dont tell me to search google or use php.net because ive alread....
Looking for sessions
|
|
Searching Video's for sessions
|
advertisement
|
|
Jul 25, 2008
