Follow us on Twitter!
Things are more like they are now than they have ever been before. - Dwight D. Eisenhower
Saturday, April 19, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 45
Guests Online: 39
Members Online: 6

Registered Members: 82839
Newest Member: fezphantom
Latest Articles
View Thread

HellBound Hackers | Computer General | Programming

Author

Login script


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 02-06-06 19:26
I made a really clean login script, the only problem is that when you move from one page to the other, it logs you out.

I was going to have the login script make a javascript cookie, and then every page you go to check to make sure you have a cookie full of valid info and then set your status to logged in again, but this got really complicated becasue you cant easily pass info from javascript to php.

I heard that you could do it through $_GET, but that clutters up the URL and i know its not nessesary. if Hellboundhackers page dosnt have to do it, then neither do i Wink

I also tried php cookies, but those always need to be the very first thing in a page, and my script requires that a cookie be set at one of two places in the middle of the code. (within an if statement). so that idea fell apart.

I started to try and make the js cookie go into a hidden form and get passed as $_POST data, but im just starting to learn javascript and putting the cookie into the hidden form proved too challenging for a frustrated me, and even if i finished it I dont know how I can get the $_POST data to submit no matter what link on the page you click.

so anyone else know how to easily get login information to follow a person around and be readable by php as they browse your page?


Author

RE: Login script


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 02-06-06 19:36
http://uk.php.net/session


Author

RE: Login script


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 02-06-06 19:42
Use sessions and POST, GEt is certainly too unsecure for that.

Also code a unique token system to prevent session hijacking/fixation.


Author

RE: Login script


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 02-06-06 19:43
Just took a quick skim through that page. It looks to be exactly what im looking for.

Thanks alot, you saved me many a bruise banging my forhead against the screen Pfft

edit: mental note: I see this is how HBH does it too.




Edited by on 02-06-06 19:47
Author

RE: Login script


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 02-06-06 19:49
The_Cell wrote:
Also code a unique token system to prevent session hijacking/fixation.


token system? care to explain?


Author

RE: Login script


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 02-06-06 19:54
The_Cell wrote:
Also code a unique token system to prevent session hijacking/fixation.


token system? care to explain?