[Pugged] Secure Cookies
Dave J. Hala Jr.
ciapug@ciapug.org
20 Sep 2002 18:38:22 -0500
I was attempting to duplicate the potential security issues we discussed
during lunch, and was unable to breach my site.
I see that your code is using cookies, but I'm using session variables.
Hopefully I haven't got my terminology screwed up.
Here's some code:
session_start();
session_register("authorized");
session_register("agency");
# convert first/last to lower case
# first_name, last_name, password, came here from an http post
$first_name = strtolower($first_name);
$last_name = strtolower($last_name);
$SQL = "SELECT * FROM $table_name WHERE first_name = \"$first_name\" AND password = password(\"$password\") AND last_name = \"$last_name\" ";
$result = mysql_query($SQL, $connection) or die(mysql_error());
# get the location id from the auth users table
# If the number of rows is zero then no match!!!!
$num = mysql_numrows($result);
if ($num != 0)
{
    echo "<p>User Authorized!..Setting Authentication parameters...</P>";
    $authorized = "ok";
    $address = getenv("REMOTE_ADDR");
}
# each page in the system checks to make sure that authorized = "ok"
# if not, it bails out and gives them an error message
Can you see any way to breach this?
:) Dave
OSIS
Dave J. Hala Jr.
641.475.1606
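
Added example, not part of the original post or the poster's code: the same login check with the form values read explicitly from a request array and bound as query parameters instead of being interpolated into the SQL string, and with the authorized flag written to $_SESSION only by the server after a successful check. Assumptions: PHP 7.1+ with PDO SQLite, a constructed in-memory auth_users table, password_hash() standing in for MySQL's password(), and the hypothetical helper names make_demo_db, check_login and login.

```php
<?php
// Added example, not the original poster's code. Assumes PHP 7.1+ with PDO
// SQLite; table, helper names and demo credentials are constructed.
function make_demo_db(): PDO {
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE auth_users
               (first_name TEXT, last_name TEXT, pw_hash TEXT, agency TEXT)');
    $ins = $db->prepare('INSERT INTO auth_users VALUES (?, ?, ?, ?)');
    $hash = password_hash('s3cret-demo', PASSWORD_DEFAULT);
    $ins->execute(['dave', 'example', $hash, 'demo-agency']);
    return $db;
}

// Returns the matching row on success, null otherwise.
function check_login(PDO $db, array $post): ?array {
    foreach (['first_name', 'last_name', 'password'] as $k) {
        if (!isset($post[$k]) || !is_string($post[$k])) return null;
    }
    // Values are bound as parameters and never become part of the SQL text.
    $q = $db->prepare('SELECT pw_hash, agency FROM auth_users
                       WHERE first_name = ? AND last_name = ?');
    $q->execute([strtolower($post['first_name']), strtolower($post['last_name'])]);
    $row = $q->fetch(PDO::FETCH_ASSOC);
    if ($row === false || !password_verify($post['password'], $row['pw_hash'])) {
        return null;
    }
    return $row;
}

function login(PDO $db, array $post): bool {
    $row = check_login($db, $post);
    if ($row === null) return false;
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true); // fresh session id after login
    }
    // Written only here, by the server; each page then checks
    // isset($_SESSION['authorized']) && $_SESSION['authorized'] === 'ok'.
    $_SESSION['authorized'] = 'ok';
    $_SESSION['agency'] = $row['agency'];
    return true;
}

// Constructed demo requests: a valid login, then a name containing quotes.
$db = make_demo_db();
var_dump(login($db, ['first_name' => 'Dave', 'last_name' => 'Example',
                     'password' => 's3cret-demo']));
var_dump(login($db, ['first_name' => 'da"ve', 'last_name' => 'example',
                     'password' => 's3cret-demo']));
```

In a web request, call session_start() before login() and pass $_POST as the second argument.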